SCTP Init Flood(8506) detected in unsupported platforms

SCTP Init Flood(8506) detected in unsupported platforms

2732
Created On 04/27/22 21:12 PM - Last Modified 05/08/25 22:33 PM


Symptom


  • Threat logs observed, indicating SCTP Init Flood(8506) drops.

Environment


  • PAN-OS >= 10.1.0 and < 10.1.7.
  • PAN-OS >= 10.2.0 and < 10.2.4.
  • Platform where SCTP Init Flood protection is not supported nor enabled.
  • PBP Latency Mode is enabled

Cause


This is a cosmetic issue where threat logs for "PBP Drops (8507)" are incorrectly logged as "SCTP Init Flood (8506)"
 

Resolution


  1. In order to find where PBP Latency Mode is configured Refer Configure Packet Buffer Protection Based on Latency
  2. The issue is fixed in PAN-OS 10.1.7 and 10.2.4.
  3. PAN-OS >= 11.0 is not affected.

Additional Information


SCTP Init Flood protection is only officially supported in PA-VM's and PA-5200 Series.

For contextual information on this feature please see:

Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000oNjxCAE&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language