My company has had an issue for over a year and Palo Alto can't figure it out. We're using Azure's Palo Alto offering.

* We have a security rule that is sourced from our trusted PaaS and destined to Azure's PaaS storage. Port 1433, app ID: mssql db encrypted.
* Multiple times a week, traffic all of a sudden goes from being allowed under a specific rule to being denied without changes being made (it's being denied under the interzone-default policy, which of course is deny).
* The only way to fix the issue is to make any change and hit commit; then the packets start hitting the rule again.
* We put in a fallback rule with source any, destination any, port 1433 and any application, and this still doesn't resolve the issue.
* Packets hitting other rules with different ports and app IDs don't have this issue only packets.

Has anyone experienced this issue?