Application as Not-applicable in Traffic Logs

Application as Not-applicable in Traffic Logs

71484
Created On 09/26/18 13:50 PM - Last Modified 07/31/23 17:00 PM


Symptom


The application column shows the application as not-applicable if the traffic matches an allowing/blocking security rule via a service filter rather than an application filter.

Cause


The firewall traffic is matched from left to right and top to bottom in the security rules. If traffic hits a security rule that's set to "deny," based on any parameter before the application, the traffic log shows the application as not-applicable. This occurs because the traffic was dropped or denied before the application match could be performed.

Resolution


Security Policy denying this traffic:

Security Policy

Traffic Log for this deny logs.

Traffic Log

Log Details appear when you click the icon in a row of traffic logs. 

Log Details appear when you click the icon in a row of traffic logs


The log details above show the bytes and packet count as zero since no traffic was allowed, which is why the application is identified as not-applicable.
Please configure more specific rules above this deny rule to avoid any necessary traffic that is blocked.

 

 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClspCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language