11-20-2024 08:44 AM
I created a new FQDN object and added it to a security policy.
After committing changes, I tried to validate the rule was working, but I get this error in the traffic log when searching for (addr in 'my-FQDN-object'):
The security policy rule is not working either. It should allow access to this FQDN address, but is not triggering.
I can see the correct address in the Palo FQDN cache (using show dns-proxy fqdn all). There's one IPv4 and one IPv6 result.
I also verified the Palo was able to resolve the FQDN while creating the object.
Any idea what I'm missing here?
Model: PA-850
11-21-2024 12:02 PM
Hello @Matthew-Hale
You're setting up an FQDN on an IP range object. I recommend choosing the FQDN object instead and trying again.
Regards
11-21-2024 02:41 PM
@jpomachagua These are FQDN objects, despite the error message text. From the running config:
address {
  my-FQDN-object {
    fqdn sftp.host-id.domain.com;
  }
}
Although I guess I'm not able to use those objects for searching traffic logs like I expected...
I made some other FQDN objects to test with, and those just say "invalid value" in the traffic monitor, which makes more sense. I'll have to investigate further why they're not matching in the rule.