Applications Timeout on PAN with Riverbed Optimization

Applications Timeout on PAN with Riverbed Optimization

0
Created On 09/26/18 21:04 PM - Last Modified 07/19/22 23:12 PM


Resolution


Issue:

A Riverbed optimization device is situated behind the Palo Alto Networks firewall's interface in the Trust Zone. . Turning on optimization causes applications going out the firewall's WAN interface to time out quickly. Traffic is being categorized properly as “riverbed-rios”, but when viewing the session from the CLI, it is timing out after 10 seconds. This, in turn, is causing riverbed-optimized applications to time out very quickly.

Resolution:

Riverbed running RIOS 5.0 and later can be operated in the following WAN Visibility Modes:

  • -         Correct Addressing
  • -         Port Transparency
  • -         Full Transparency
  • -         Full Transparency with Reset

Full Transparency with Resetis known to not work well with most statefull firewalls.  In this mode of operation, Riverbed sends a forward RESET which causes issues with the firewall monitoring of the session.  Running Riverbed in either of the 3 other modes will resolve the issue stated above.

Owner:  akhan
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm5pCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail