07-22-2020 01:16 PM
My company has had an issue for over a year and Palo Alto can't figure it out. We're using Azure's Palo Alto offering.
* We have a security rule that is sourced from our trusted PaaS and destined to Azure's PaaS storage. Port 1433, app ID: mssql db encrypted.
* Multiple times a week, traffic all of a sudden goes from being allowed under a specific rule to being denied without changes being made (it's being denied under the interzone-default policy, which of course is deny).
* The only way to fix the issue is to make any change and hit commit, then the packets start hitting the rule again.
* We put in a fallback rule (source any, destination any, port 1433 and any application) and this still doesn't resolve the issue.
* Packets hitting other rules with different ports and app IDs don't have this issue only packets.
Has anyone experienced this issue?