Assymetric Routing on Inbound and Outbound Traffic

[michaelolusegunrufai]

Describe the bug

The traffic inbound from the internet to the server works very well but the return traffic seems to be an issue. I discovered this is as a result of an Asymmetric routing for the return traffic because the Firewalls are not configured as HA but are just basically put behind a load balancer. So there is no session tracking on the firewall and I also dont know why the Internal load balancer is not sending the traffic back to the Firewall that received the inbound traffic in the first place.

I discovered this by checking the traffic logs and I realized that all my traffic where aging out, so I tuned off one of the firewalls and all was fine.

Expected behavior

Current behavior

Possible solution

Steps to reproduce

Screenshots

Context

Your Environment

• Version used:
• Environment name and version (e.g. Chrome 59, node.js 5.4, python 3.7.3):
• Operating System and version (desktop or mobile):
• Link to your project:

[welcome-to-palo-alto-networks]

🎉 Thanks for opening your first issue here! Welcome to the community!

[mycol]

I'm experiencing the same issue. I've tried applying zone protection profile which tcp-reject-non-syn but no joy. Any suggestions?

Tried these, with no luck (applied to trust and untrust, also tried global config change in CLI).
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClSHCA0
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClG2CAK