Firewall status on the Aviatrix Controller:¶
Firewall status on the Aviatrix Controller can be checked by going to firewall network -> advanced -> click on 3 dots on the right.
If firewalls are not managed by Panorama:
- “up”: Aviatrix Controller can ping and query status info from PaloAlto Firewall
- “unaccessible”: Aviatrix Controller can ping, but not query status info from PaloAlto Firewaall
- “down”: Aviatrix Controller cannot ping nor query status from PaloAlto Firewall
If firewalls are managed by Panorama:
Firewall has 3 status, up, unaccessible, down.
If Panorama is accessible from the Aviatrix Controller, the device in Panorama shows “connected”, and the Aviatrix Controller is able to ping the Management Interface of the Firewall, the Aviatrix Controller consider the firewall to be up
If either Panorama is not accessible, or device is not in managed device list, or device shows “disconnected”, Aviatrix Controller then pings the firewall to check status
- If ping passes, Aviatrix Controller consider the firewall to be unaccessible
- If ping fails, Aviatrix Controller consider the firewall to be down.