Is or has anyone else had the problem with applications and services being ignored in rules? I have had an issue from all version from 7.0 to 8.1. I have stopped using applications in rules all together because it will not identify the application and instead mark it as "not-applicable". I have the problem with services as well. For example I will create a rule and everything is 100% correct and I will add the service UDP 137 to the rule instead of netbios and it will still drop the **bleep** traffic. What good is a firewall if it doesnt allow the services you tell it to? I cant allow any any any on rules. This is becomming very frustrating.
I promise this is not me. I have had this issue for a while now over several versions. I will create a rule 100% correct source and destination zones and addresses. I will first create the rule using an application for example dns. If the Palo is unable to determine the application it will identify as "incomplete" or "not-applicable" and will drop the dns traffic. So I will create a rule under it I will remove the application and I will create a new service or use an existing one. For dns I will add TCP and UDP 53. I will then push the config. Traffic still gets dropped. This doesnt happen all the time but enough so its a problem.
As @santonic already wrote there is probably something wrong in you är config (even if you promise that it isn't your fault 😛 ). Application incomplete could also have (many) other reasons that the firewall not working properly. Could you share screenshots of the security policy and of a working and nit working connection in your log? Additionally may I ask what PAN-OS version and app version do you have installed?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!