01-19-2017 11:41 PM
Hi,
I have allowed a FTP session. However, the FTP session does not connect. When I search the logs, the traffic is allow however the session end reason is tcp-rst-from-client.
Please advice.
Thks and Rgds
03-21-2017 01:01 PM
Is there a better way than a screen shot?
Here's the ruleset I have, only NetAdmin and NTP work at this time.
03-21-2017 04:47 PM - edited 03-21-2017 04:47 PM
Do you have any security profiles applied for the policies? Anything in the threat logs? Temptrip HTTPS policy service tab got only service port name changed l guess (is it still 443). Your policies can be combined into a single (1) rule. Did you test with application and services as any, without the security profiles (if any) or even to bypass the Palo?
03-28-2017 03:41 PM
I got my SE on the case and while studying packet-captures it suddenly seemed like the communication was great until the packets got big. We wondered if it could be an MTU problem.
I put a laptop in the PA220's place and ran through the connections at MTU 1500 - AOK.
Put the laptop in the client's place and had to drop down to 1400 to get the transfers to go.
We couldn't find anywhere in the PA220 where MTU was set below default (1500?) but when we turned on jumbo-frames and set the GlobalMTU at jumbo-default, and rebooted, all flows pass properly.
Yay, but really?!
03-31-2017 11:34 AM
i'll eat my crow now...
Problem solved:
Bad cable/ethernet jack on upstream router. All successful connections correlate with events where a coworker was forcing the lab traffic over a different link. His timing just made my troubleshooting harder.
Layer 1 sure gets in the way when you're think 4 through 7.
07-16-2020 10:32 PM
Hi All,
I am using PA-850, where copying files from internet or other sites via PAN has slowed down very much.
On Monitor logs, it shows TCP-RST-FROM-CLIENT. And when I do PCAP on those packets I see TCP getting retransmitted.
Any help would be great here. Thanks.
Regards,
Raghav
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!