How to Confirm That Specific Traffic is Not Propagating Through the Firewall

How to Confirm That Specific Traffic is Not Propagating Through the Firewall

23746
Created On 04/05/19 18:02 PM - Last Modified 05/05/20 19:13 PM


Objective


  • Identifying issue causing network slowness/latency

 

Environment


  • PA-3020
  • PAN-OS version: 8.1.4
  • Windows 10 clients
  • Test tool: Speed test

Procedure


The following procedure confirms that the latency within the network is not caused by firewall:
  1. Issue a traceroute command to external ip from client
  2. Validate that the paths going to external destination does not include firewall
  3. Create a security policy to deny traffic sourcing from test client to external destination.
These tests confirm that the network traffic is not reaching the firewall. There is something other than firewall causing network latency.

Additional Information


For additional troubleshooting steps, please see the following kb article:
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cld9CAC
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/kCSArticleDetail?id=kA10g000000PLPj&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FkCSArticleDetail