Anti-Spyware Inline Cloud Analysis Dropping Traffic

Anti-Spyware Inline Cloud Analysis Dropping Traffic

5116
Created On 09/19/23 18:25 PM - Last Modified 08/14/25 17:20 PM


Symptom


Anti-Spyware Inline Cloud Analysis will drop traffic to and/or from selected applications serving partial content. A session end-reason of threat will be observed in the Traffic logs. No threat log is generated. 

Environment


11.0.2, 11.0.2.h-1 PAN-OS firewalls.

Cause


Internal process validations are being run erroneously, causing Anti-Spyware Inline Cloud Analysis to drop traffic to and/or from selected applications serving partial content. 

Resolution


The fix has been released in 11.0.2-h2, released September 21, 2023. Once installed, the issue will be resolved. 
Additional fix versions are: 10.2.4-h11; 10.2.6; 10.2.8; 11.1.0; 11.2.0; 11.0.3; 11.0.4.

Additional Information


The following (show counter global filter delta yes) can be used to check if a match to the issue is seen on the firewall: 

ctd_wif_shm_limit_block_forward , session blocked due to wif shared memory limit
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000g2F6CAI&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail