This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Exchange emails stopped working due to zone protection profile

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Exchange emails stopped working due to zone protection profile

Rameshwar
L3 Networker

‎01-22-2018 06:20 AM

 Hi All 

 

Emails from inhouse exchange server is not getting delivered to target email ID or either getting delayed . 

I have configured the secuirty policy with no security profile attached and the traffic is showing as allowed was suspecting that it might be getting blocked or dropped due to some security profile .

once i remove zone protection profile the issue is getting resolved and the email are getting delivered properly to the target email id.

As the zone protection profile has multiple options , please advise if there is any specific option which i can disable to resolve this issue , as of now there is no profile mapped to the zone . 

 

one of the suspected option is asymetric path if it is set to drop then fw might be droping the connection but this shoule happen with all the email user and as per the senario it is only happening with certain user and certain domain . 

0 Likes Likes
2 REPLIES 2

reaper
Cyber Elite
Cyber Elite

‎01-22-2018 06:54 AM

hi @Rameshwar

 

the zone protection settings would not 'just' block exchange unless there is something 'wrong' with the connections or there is an unerlying different issue

 

asymmetric path is also a system wide setting that is in place unless you choose to disactivate it globally or via a zone protection profile. there should however be indicators of what went wrong, did you enable filters and did you verify global counters? were there any 'odd' system logs or threat logs?

how did you configure your zone protection ?

 

please check out this article: https://live.paloaltonetworks.com/t5/Featured-Articles/Getting-Started-Packet-Capture/ta-p/72069 it can help you get on your way to analyze the issue

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization
0 Likes Likes

BPry
Cyber Elite
Cyber Elite

‎01-23-2018 07:06 AM

@Rameshwar,

Zone Protection by itself really doesn't cause issues if properly configured, it can however bring issues already present into light. As @reaper already pointed out knowing how you actually have your zone protection configured would be helpful, but it could easily be a wider configuration issue that zone protection is simply bringing to the surface. 

If you can identify and provide any system or threat logs that were associated with this event, and provide the configuration of your zone protection profile, it would go a long way in helping to identify the possible issue. 

0 Likes Likes
  • 1615 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks