topic Re: Action is Reset Both in traffic monitoring in Next-Generation Firewall Discussions https://live.paloaltonetworks.com/t5/next-generation-firewall/action-is-reset-both-in-traffic-monitoring/m-p/577801#M2679 <P>Hello,</P> <P><BR />Are you seeing this session end under the traffic logs? It sounds like there isnt a rule allowing this traffic. Under the "Policies" tab is there a rule thats create to allow access for this traffic? You could also use the "Test Policy Match" button at the bottom of the same page to see what rule the traffic would hit. If it was something under the threat logs stopping it you should see session end reason "threat". You could also be seeing policy-deny as a result of a file blocking profile or I've seen it in some cases as a result of something pertaining to ssl inspection.</P> Tue, 20 Feb 2024 21:09:09 GMT Claw4609 2024-02-20T21:09:09Z Action is Reset Both in traffic monitoring https://live.paloaltonetworks.com/t5/next-generation-firewall/action-is-reset-both-in-traffic-monitoring/m-p/577798#M2678 <P>The user was trying to access the Proofpoint links it is not accessible in the firewall. We could see the action is reset both in monitoring and a session end reason is policy-deny and checked the threat logs but we couldn't see any logs in the threat. could someone please help me to understand the issue</P> Tue, 20 Feb 2024 20:34:00 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/action-is-reset-both-in-traffic-monitoring/m-p/577798#M2678 SuganthanD 2024-02-20T20:34:00Z Re: Action is Reset Both in traffic monitoring https://live.paloaltonetworks.com/t5/next-generation-firewall/action-is-reset-both-in-traffic-monitoring/m-p/577801#M2679 <P>Hello,</P> <P><BR />Are you seeing this session end under the traffic logs? It sounds like there isnt a rule allowing this traffic. Under the "Policies" tab is there a rule thats create to allow access for this traffic? You could also use the "Test Policy Match" button at the bottom of the same page to see what rule the traffic would hit. If it was something under the threat logs stopping it you should see session end reason "threat". You could also be seeing policy-deny as a result of a file blocking profile or I've seen it in some cases as a result of something pertaining to ssl inspection.</P> Tue, 20 Feb 2024 21:09:09 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/action-is-reset-both-in-traffic-monitoring/m-p/577801#M2679 Claw4609 2024-02-20T21:09:09Z