cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who Me Too'd this topic

Action and Session End Reason conflict when SSL decryption enabled

L3 Networker

Hi,

 

SSL decryption was turned on for one of the inside servers. Although it looks good, but some of the logs are rather strange.

There are sessions like these:session1.png

Basically  Action - Allow, Rule is hitting correct one (the one permitting the traffic), but Type is Deny and Session End Reason is policy-deny. That looks false to me and it seems that traffic is permitted indeed. Can check more with captures, etc., but has anyone seen such an effect?

 

 PAN-OS: 8.0.2

Who Me Too'd this topic