Why is Policy Based Forwarding (PBF) rule not working when the destination is the Firewall's own interface?

Created On 07/17/20 04:29 AM - Last Modified 10/10/23 14:26 PM


Question


Why is Policy Based Forwarding (PBF) rule not working when the destination is the Firewall's own interface?

Environment


  • PAN-OS versions: 8.1.x, 9.0.x, 9.1.x and 10.0.x
  • A PBF rule is configured
  • The destination is the Firewall's own interface


Answer


If the destination is the Firewall's own interface, the packet is considered a host-directed packet and bypasses the PBF policy.

Additional Information


Note:
If the traffic is initiated from the Firewall's own interface (the source IP is the Firewall's interface), it is considered a host-initiated packet and also bypasses the PBF policy.
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClbDCAS
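
An added example, not from the original article or from Palo Alto Networks: a small Python audit that flags PBF rules whose destination or source match covers one of the firewall's own interface addresses, the two cases described above in which PBF is bypassed. The rule and interface dictionaries are a constructed, hypothetical layout, not a PAN-OS export format or API.

```python
import ipaddress

# Constructed sample data (hypothetical layout, not a PAN-OS export format).
FIREWALL_INTERFACES = {
    "ethernet1/1": "10.1.1.1/24",
    "ethernet1/2": "192.0.2.1/30",
    "loopback.1": "172.16.0.1/32",
}

PBF_RULES = [
    {"name": "to-isp2", "source": ["10.1.1.0/24"], "destination": ["0.0.0.0/0"]},
    {"name": "mgmt-via-vpn", "source": ["10.2.0.0/16"], "destination": ["192.0.2.1/32"]},
    {"name": "branch", "source": ["10.3.0.0/16"], "destination": ["198.51.100.0/24"]},
]


def interface_ips(interfaces):
    """Map interface name -> the firewall's own address on that interface."""
    return {name: ipaddress.ip_interface(cidr).ip for name, cidr in interfaces.items()}


def audit_rule(rule, interfaces):
    """Report which firewall-owned IPs a rule's match criteria cover.

    host_directed:  interfaces whose IP is inside the rule's destination;
                    traffic to them bypasses PBF.
    host_initiated: interfaces whose IP is inside the rule's source;
                    traffic from them bypasses PBF.
    dead:           True when every destination is exactly one firewall IP,
                    so the rule can never forward anything.
    """
    own = interface_ips(interfaces)
    dst = [ipaddress.ip_network(d) for d in rule["destination"]]
    src = [ipaddress.ip_network(s) for s in rule["source"]]
    directed = sorted(n for n, ip in own.items() if any(ip in net for net in dst))
    initiated = sorted(n for n, ip in own.items() if any(ip in net for net in src))
    own_set = set(own.values())
    dead = all(net.num_addresses == 1 and net.network_address in own_set for net in dst)
    return {"host_directed": directed, "host_initiated": initiated, "dead": dead}


def audit(rules, interfaces):
    """Audit every rule; returns {rule name: audit_rule result}."""
    return {r["name"]: audit_rule(r, interfaces) for r in rules}


if __name__ == "__main__":
    for name, result in audit(PBF_RULES, FIREWALL_INTERFACES).items():
        print(name, result)
```

A rule reported as `dead` matches only the firewall's own address, which is the situation in this article's question; a non-empty `host_directed` or `host_initiated` list on a broader rule marks the addresses within its match for which PBF will not apply.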

