11-17-2020 08:57 AM
Dear community,
I configured schedule on policies and it seems that as per design the existing sessions are not affected by the schedule:
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-web-interface-help/objects/objects-schedules.htm...
Meaning that if a session was created before the schedule, the traffic will not hit the scheduled policy unless sessions are cleared.
Do you know if there´s any way to try to make the existing policies to be affected by the shedule without needing for example to clear the sessions with a script?
Thank you in advance!
11-17-2020 09:37 AM
There's really no way to do what you are looking. If session rematch is enabled and a commit is done the rulebase would be re-analyzed, but that's more work then simply scripting clearing the sessions and could have unintended consequences if someone was working on the GUI/CLI and was in the middle of a change that wasn't ready to be committed.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
