I recently upgraded to OS 7.1.15 on my PA 5050, I have two rules with schedules on them and have had for over a year. In the traffic logs it was showing the traffic going back and forth between denying and allowing the traffic. When I removed the schedules they worked with no issues. Any ideas what could be going on?
what does the policy look like and how is the schedule set? are you seeing both allow AND deny happening on the same rule?
the behavior for an allow rule, with a schedule 9am-11am should be:
the behavior for a deny rule, with a schedule 9am-11am should be:
so if you could provide a little more detail, that would be helpful :)
Yes I am seeing both allow and deny on the same rule within seconds. Its been working consistently for over a year until this week. I upgraded the PA to 7.1.15 from 7.1.13 a week ago. I also reset the regions around the same time. This was allowing our student access to certain server/application from a specific wireless IP range to a specific IP. the rules are built with applications not ports, we took off several things(put them back if it didn't fix it) before we found that removing the schedule fixed it
Here is the schedule information:
hm... that's not supposed to happen...
the schedule should make the rules 'invisible' outside of the schedule so they get passed by when the 'decission making process' happens, not reverse the action ...
have you reached out to support on this already? If not I'd do that asap :/
here is a sample of the traffice and is bouncing betweening allowing and dropping the traffic with in minutes. It is being denied by the clean up rule and goes off and on through the rule designed to allow the traffic
ok, that looks more normal than I first expected :)
would you mind adding the rest of the log in there to get a more complete view? (feel free to obfuscate sensitive data ofcourse)
Yup I opened a case with TAC yesterday and am collecting information for them now. I do have a lot of issues that seem to fall outside of the norm
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!