09-18-2023 04:57 AM - edited 09-18-2023 05:06 AM
Limit on data transfer (biometric punch records) from biometric device located at branches.
Can able to downlaod data if the punch records are less than 30 records and not able to downlaod if records more than 30.
But if we bypass Paloalto firewall we can able to downlaod even the records are more than 40k.
09-18-2023 06:44 AM
what does the traffic/threat log indicate is happening with the flow when you transfer the records?
is the session timing out, being blocked, receiving a RST/FIN, ....
some more information from the flow would be helpful to try and help you figure out what is going on
09-19-2023 01:57 AM
ok that also look like very low byte counts
are source and destination always the same IP?
you could try creating a custom application with a very long lifetime, and then creating an application override rule for these sources/destinations to see if that helps
if not, you'll need to do a little troubleshooting:
debug dataplane packet-diag clear all
debug dataplane packet-diag set filter match source x.x.x.x destination y.y.y.y
debug dataplane packet-diag set filter match source y.y.y.y destination x.x.x.x
debug dataplane packet-diag set filter on
show counter global filter delta yes packet-filter yesrun that last command a few times during the transfer and see if you see any packets being dropped or error messages
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
