- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
06-12-2018 12:31 PM
We are seeing some of our Palo's periodically logging (almost) all traffic as unknown-tcp.
As the traffic is being allowed through (and logged against) rules that do not allow it we assume this is a problem with the logs, rather than traffic being miscategorised. However we do seem to be be experiencing some random issues that may, or mayt not be connected.
Rebooting the Palo seems to clear the problem.
Just wondering if anyone else has see this (we are 8.1.1) before opening a support call.
06-12-2018 01:16 PM
I've been running 8.1.1 on some lab equipment and at home for a bit and haven't seen this issue at all; further I haven't heard of anyone else experiancing an issue like this running 8.1.*.
That being said you probably want to open a ticket simply to at least provide PA with the logs so that they can see why you are experiancing this issue.
08-02-2018 04:54 AM
Fraid not - we're currently escalaing this with Palo.
In a way it's good to know others are impacted by this as we're being told it's never been seen before.
Interestingly for us we see this much more in our US locations - we have same hardware, same OS version, same rules in EU and Asia locations and we're seeing 90% less unknown trafic types being logged.
10-17-2018 01:35 PM
Checking to see if you ever heard back from TAC on this issue.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!