https://live.paloaltonetworks.com/t5/general-topics/certain-tcp-traffic-not-showing-at-the-azure-palo-firewalls/m-p/581376#M116364 <P>not sure if reach Azure palo firewall since it's the Azure file sync service.&nbsp; Not to a VM.&nbsp;</P> Fri, 22 Mar 2024 17:41:21 GMT Vanessaxu 2024-03-22T17:41:21Z https://live.paloaltonetworks.com/t5/general-topics/certain-tcp-traffic-not-showing-at-the-azure-palo-firewalls/m-p/578542#M116034 <P data-pm-slice="1 1 []">Certain TCP traffic not showing at the Azure Palo firewalls.</P> <P data-pm-slice="1 1 []">There are tcp traffic from on-prem to Azure test subnet vm.</P> <P>The connection path is as below: on-prem user laptop -&gt; onprem palo fw -&gt; express route -&gt;Azure Palo fw -&gt; test vm.</P> <P>There is no NSG on any of the interfaces at Azure side.</P> <P>The RDP traffic from the on-prem user laptop can reach the test vm no problem (tcp 3389).</P> <P>The smb (i.e. TCP 139) traffic from the on-prem user laptop can only shown at the on-prem fw log, showing it was allowed and went out the same path to the express route, but timeout status.</P> <P>The smb traffic is not showing at the Azure palo fw. ( why the smb traffic disappeared after existing the on-prem fw?)</P> <P>The only difference is the on-prem laptop (prd domain) and the azure vm (test domain) belong to different AD domain controllers, with the same domain name.</P> <P>No drop packets on either palo fw.</P> Tue, 27 Feb 2024 20:01:02 GMT https://live.paloaltonetworks.com/t5/general-topics/certain-tcp-traffic-not-showing-at-the-azure-palo-firewalls/m-p/578542#M116034 Vanessaxu 2024-02-27T20:01:02Z https://live.paloaltonetworks.com/t5/general-topics/certain-tcp-traffic-not-showing-at-the-azure-palo-firewalls/m-p/578633#M116052 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/195603">@Vanessaxu</a> ,</P> <P>&nbsp;</P> <P>Is the traffic actually reaching the Azure fw or is it going lost in transit ? Can you check with a PCAP ?</P> <P>Have you checked the global counters ? There might be drops there that don't show up in traffic log.</P> <P>&nbsp;</P> <P><A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CloNCAS" target="_blank" rel="noopener">How to check global counters for a specific source and destination IP address</A>&nbsp;</P> <P>&nbsp;</P> <P>Kind regards,</P> <P>-Kim.</P> Wed, 28 Feb 2024 12:17:53 GMT https://live.paloaltonetworks.com/t5/general-topics/certain-tcp-traffic-not-showing-at-the-azure-palo-firewalls/m-p/578633#M116052 kiwi 2024-02-28T12:17:53Z https://live.paloaltonetworks.com/t5/general-topics/certain-tcp-traffic-not-showing-at-the-azure-palo-firewalls/m-p/581376#M116364 <P>not sure if reach Azure palo firewall since it's the Azure file sync service.&nbsp; Not to a VM.&nbsp;</P> Fri, 22 Mar 2024 17:41:21 GMT https://live.paloaltonetworks.com/t5/general-topics/certain-tcp-traffic-not-showing-at-the-azure-palo-firewalls/m-p/581376#M116364 Vanessaxu 2024-03-22T17:41:21Z https://live.paloaltonetworks.com/t5/general-topics/certain-tcp-traffic-not-showing-at-the-azure-palo-firewalls/m-p/581386#M116367 <P>did a pcap, can't see the traffic incoming either.</P> Fri, 22 Mar 2024 19:24:32 GMT https://live.paloaltonetworks.com/t5/general-topics/certain-tcp-traffic-not-showing-at-the-azure-palo-firewalls/m-p/581386#M116367 Vanessaxu 2024-03-22T19:24:32Z https://live.paloaltonetworks.com/t5/general-topics/certain-tcp-traffic-not-showing-at-the-azure-palo-firewalls/m-p/581892#M116427 <P><SPAN>forced traffic to the test vm via VPN, the traffic shows on the Azure Palo firewall log. Seems the the express route blocks certain traffic.&nbsp;</SPAN></P> Wed, 27 Mar 2024 14:41:09 GMT https://live.paloaltonetworks.com/t5/general-topics/certain-tcp-traffic-not-showing-at-the-azure-palo-firewalls/m-p/581892#M116427 Vanessaxu 2024-03-27T14:41:09Z