Traffic is blocked by the Firewall Palo when security profile is enabled and need to disabled it to access to the destination server
How can we solve this?
In the traffic logs I see traffic is matching with the rule Deny All and after is allowed
Configuration of the security profile is :
Antivirus profile = av_all
Anti-Spyware Profile strict
Vulnerability Protection Profile protec_all
@Stephen24 If you are seeing deny all in traffic logs itself then cross verify security policy first. If anything is getting blocked/deny due to security profile, then it should be seen under Threat, URL filtering logs.
Please do security policy test using 'test' command under cli.
May I use this command for example :
test security-policy-match source <source IP> destination <destination IP/netmask> protocol <protocol number>
Or is there a better way for testing what is blocking by the security profile?
@Stephen24, Yes above mentioned test command will give you the security rule match for mentioned source and destination traffic. This will confirm if traffic is matching desired policy and confirm on traffic action.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The Live Community thanks you for your participation!