- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
05-16-2013 06:38 PM
05-16-2013 06:45 PM
The firewall policies are analyzed left to right and top to bottom... 'not applicable' means that something to the left of the App-ID column caused the traffic to be dropped, so the firewall never got to the point of trying to fingerprint an App-ID because the source or destination or zone wouldn't allow the traffic anyway
05-16-2013 06:56 PM
Well if you could help me out to understand something ..
I have a firewall in layer 2 mode.the policies are their to allow DNS and traffic is coming from a Vlan.
now today suddenly my all DNS traffic was getting denied and goes to block rule.I havent done any changes in policies.
If there was a Vlan mismatch could it cause a policy not to take affect and goes to default rule blocking all DNS traffic and in logs showing me Not-applicable.
05-18-2013 07:57 AM
Um.... sure? Maybe?
I would think that you really want to make sure that all your VWire VLANs you have configured marry up one for one with the VLANs flowing through the two devices you're connecting together via VWire
05-22-2013 02:42 AM
•“not-applicable”
-Session is blocked by the firewall
session time out,, ?
05-22-2013 03:43 PM
Hi,
The below link explains the reason for application showing as not-applicable
https://live.paloaltonetworks.com/docs/DOC-1404
Hope this helps.
Thank you
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!