IP address associated with wrong zone

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

IP address associated with wrong zone

L3 Networker

My appliance is associating the wrong zone to an ip address. It was picking the correct zone but then stopped.

Does any one know why that would be the case and to get it back into the correct zone?

 

I'm running PAN OS 8.0.4.

 

Thanks,

Eugene

3 REPLIES 3

Cyber Elite
Cyber Elite

Hi Eugene

 

The firewall assings a source zone based on the ingress interface rather than an IP address or route lookup

The packet must be arriving on a diffeent interface than you expect

 

if you look at the traffic log associated with the session and click the log details (little magnifying glass on the left-hand side of the log entry) you will see the source interface in the source details

 

2017-08-22_13-17-50.png

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

Hi Reaper,

 

Thanks for your reply.  I thought that was the case but it didn't seem that way from what could I see.  I had also encountered other routing issues at the time, which are still being investigated by TAC, which could have contributed to the issue.

 

- Eugene

Thanks for the update @eugenep, please keep us posted on your progress with TAC

I'm curious to see what caused it 🙂

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization
  • 4081 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!