Trafic blocked when security profile enabled

Reply
Highlighted
L2 Linker

Trafic blocked when security profile enabled

Hello Community,

 

Traffic is blocked by the Firewall Palo when security profile is enabled and need to disabled it to access to the destination server

How can we solve this?

Thanks!

 

S

Highlighted
L2 Linker

Additionnal information,

The same security profile is enabled on other security rules and do not cause any issue

Thank you

Highlighted
L6 Presenter

Hi @Stephen24 What are you seeing in traffic logs? Which security profile is blocking traffic?

 

Mayur



Mayur
Highlighted
L2 Linker

Hello Mayur,

 

In the traffic logs I see traffic is matching with the rule Deny All and after is allowed

Configuration of the security profile is :

Antivirus profile = av_all

Anti-Spyware Profile strict

Vulnerability Protection Profile protec_all

 

Thank you

Highlighted
L6 Presenter

@Stephen24 If you are seeing deny all in traffic logs itself then cross verify security policy first. If anything is getting blocked/deny due to security profile, then it should be seen under Threat, URL filtering logs.

 

Please do security policy test using 'test' command under cli.

 

Mayur



Mayur
Highlighted
L2 Linker

Thank you

May I use this command for example :

test security-policy-match source <source IP> destination <destination IP/netmask> protocol <protocol number>

Or is there a better way for testing what is blocking by the security profile?

Highlighted
L6 Presenter

@Stephen24, Yes above mentioned test command will give you the security rule match for mentioned source and destination traffic. This will confirm if traffic is matching desired policy and confirm on traffic action.

 

Mayur



Mayur
Highlighted
L2 Linker

unfortunately, the rule seen in the result of CLI is not the same than in GUI, is it normal?

ie. the rule which is matching the IPs source and destination in not the same

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!