SNMP Traps are not seen on the Management Interface of PA-7000 Platform
888
Created On 11/12/24 10:37 AM - Last Modified 03/06/26 02:48 AM
Symptom
- SNMP Traps are not seen in packet captures on the Management Interface of PA-7000 Platform.
- The output below shows SNMP Enqueue and Send Count increasing:
>debug log-receiver statistics
...
External Forwarding stats:
Type Enqueue Count Send Count Drop Count Queue Depth Send Rate(last 1min)
syslog 228025790756 228025534804 109234906902 255936 5624071
snmp 1646 1637 9 0 0
email 0 0 0 0 0
raw 0 112420485926 0 0 2462378
http 0 0 0 0 0
autotag 0 0 0 0 0
quarantine 0 0 0 0 0
Environment
- PA-7000 Platform with LFC Card
- SNMP Traps
Cause
On PA-7000 Series Firewall, SNMP traps are being sent via the Log Forwarding Card (LFC).
Resolution
Make sure SNMP Trap Server is available and reachable from LFC:
-
Verify the LFC slot number by executing this command:
> show chassis inventory
Slot Component Serial Number Ports Revision Power (w)
Chassis 01010xxx8 1.0
empty
1 PA-7000-100G-NPC-A 01560xxxx1 28 1.5 430
2 PA-7000-100G-NPC-A 0156xxxx32 28 1.5 430
3 empty
4 PA-7050-SMC-B 018xxxxx40 2 2.1 500
5 empty
6 empty
7 empty
8 PA-7000-LFC-A 0183xxxxx45 10 1.2 240
FANTRAY1 PA-7050-FANTRAY-L-A 018xxxxxx88 1.0 180
FANTRAY2 PA-7050-FANTRAY-R-A 02xxxxxx304 1.0 1120
PS1 CAR2548FPBCXZ03A GBxxx33 3 2500 (+)
PS2 CAR2548FPBCXZ03A GBxxx30 3 2500 (+)
PS3 CAR2548FPBCXZ03A GBxxx39 3 2500 (+)
PS4 CAR2548FPBCXZ03A GBxxx09 3 2500 (+)
-
Check status of the LFC interface:
>debug log-card-interface info slot slot_number
admin@Lab33-187-PA-7050> debug log-card-interface info slot s8
-------------------------------------------------------------------------------
Name: log-card-interface
.....(output Omitted)...
Left LFC QSFP module as 1x40G:
Port 9 Link status:
Runtime mode/setting/link: Autoneg/40Gb/s-full/Up
Configured mode/setting: Autoneg/40Gb/s-full
......(output Omitted)
MAC address:
Port MAC address d4:1d:71:04:ac:00
Interface Type:
Port Type unknown
Ip address: 10.5.x.x
Ip Assignment: unknown
Netmask: 255.255.x.x
Default gateway: 10.5.x.x
Ipv6 address:
IPv6 Assignment: unknown
Ipv6 link local address: unknown
Ipv6 default gateway:
-
Check the network connectivity to SNMP Trap Server:
>debug log-card-interface ping host snmp_srv_ip_address slot slot_number
-
Verify SNMP counters on log forwarding statistics are increasing:
>debug log-receiver statistics
> debug log-receiver statistics
Summary Statistics:
External Forwarding stats:
Type Enqueue Count Send Count Drop Count Queue Depth Send Rate(last 1min)
syslog 0 0 0 0 0
snmp 164196 164189 0 0 8
email 0 0 0 0 0
raw 0 161897 0 0 8
http 0 0 0 0 0
autotag 0 0 0 0 0
quarantine 0 0 0 0 0
- If the issue is not resolved, open a Support case.