I feel like I should already know this, but I just need a sanity check.
I have a rule that allows host A to B via tcp/900. So host A starts to communicate with host B via that port. The firewall allows it and a session is created. Now, assume A and B stop talking but don't formally close the session. After the default timer, the PAN closes that session. Now, A tries to communicate with B b/c it still thinks it has an active session. When that traffic hits the firewall, should it show up in the monitor log as a "deny"? Will it just silently drop the packet? Will it try to start a new session and I'd see a new "start" in the monitor?