So, this morning, all going swell. P1. Hm, okay. Looks like an application issue, SQL related. Nothing on the firewall or policies were touched.
The policy is using Layer 7 App-ID MS-SQL to get a server to communicate with the MSSQL server over TCP-1433.
At the end of the day I had an idea to remove protect profiles and drop from Layer7 to Layer4. Seemed to fix the issue - strange. Added protect profiles - still worked. Remove service ports 1433 and went back to MS-SQL - broken.
Okay, I read the dynamic update for 8656-7766, this was implemented on the firewall at 2am, and looking now, it has a 8hr delay before it installs. Standard.
The content update says they implemented a new application called citrix-director which depends on MS-SQL and was previously classified as MS-SQL. I saw one service trying to use it but the other did not so did not think too much of it.
I suspect something in this update broke traditional MS-SQL communication as we were getting the below error:
" SQL Error -1, Data access error. A transport-level error has occurred when receiving results from the server. (provider: Session Provider, error: 19 - Physical connection is not usable)".
As soon as I drop to Layer4, seems to have fixed it because it becomes application independant.
Anyone else have this same issue? Maybe someone from Palo Alto should investigate this! We dont use a Citrix product, our SQL servers are MS-SQL based.
... View more