PANOS10 Security Policy Not Matching Randomly

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

PANOS10 Security Policy Not Matching Randomly

L0 Member

Running a PA220 with PANOS 10.0.1 Simple NAT/Security policy in place to permit an outside application access on X port.  Traffic flows as expected, although randomly traffic goes unmatched and is dropped by the FW.  Jiggling the handle by remapping the port from 80 back to 2075 with commits corrects the issue.  TAC has reviewed the configuration and agrees all is proper, has anyone else seen this ? 

 

I did not observe this condition in 9.x

 

3 REPLIES 3

Cyber Elite
Cyber Elite

@jdigangi,

PAN-OS 10.0 is very early in its release cycle and you're going to run into bugs. It sounds like you've come across one and have already reported it to TAC, so they've hopefully gathered logs and have attempted to reproduce the issue so they can create a bug report. Can't say that I've seen this issue throughout our testing of PAN-OS 10 personally. 

I believe it is a bug also, I just requested my case to be re-opened again.  Its a challenge to leave it broken and get free time to work with TAC, anything other than a support bundle typically needed to open a bug?  I have also noticed the traffic isn't showing up in the GUI logs only the CLI logs.

Cyber Elite
Cyber Elite

I am also running 10.0.1 so far no issues like this.

I am testing this on PA 820.

MP

Help the community: Like helpful comments and mark solutions.
  • 2292 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!