My user generated a behavioral threat alert, which caused the two PCs to not be able to communicate with each other. After we turned off the protection function of xdr agent, they were able to communicate with each other. I did not see the block ip on the XDR cloud server. Someone Can you tell me why? I added allow ip below but it did not take effect
... View more
Hi support， The situation is this. After the normal traffic passes through the PA, it goes to the nginx proxy server in the DMZ. The nginx then sends the traffic to the back-end server, and finally the server sends the traffic to the nginx proxy server. The nginx then sends the traffic to the PA, and the PA is finally given to the user. However, this is the case. We are doing a PA online for a customer, replacing the CheckPoint with a PA. When PA was first launched, users could access applications normally. After a few hours, only computer access was found, and there was a problem with mobile phone access, and it would prompt failure to call the port. But the PA log shows that everything is normal, there is no blocked log, and we show that the traffic of the application is normal, and it is not blocked by TP, but the user's mobile phone can't access it, only the computer can access it. So we did a rollback, replaced the PA with a CP, and the user experience was normal. Why is that?
... View more