Sunday, June 5, 2016

SOLVED: Cannot access internet through Palo Alto Firewall, status Incomplete

I am not usually involved in networking, but this time a was on an issue where internet was working from one network, but not from the other. Both networks where protected with Palo Alto Firewall.
Access rules to access the internet where created, but when inspecting Palo Alto firewall logs it showed status "Incomplete" for the problematic network, which meant that TCP three-way handshake could not be established.
So I found that an NAT rule also must be created. When NAT rule was created internet access worked as expected.

