A user connected to Prisma Access reports that traffic intermittently is denied after matching a Catch-All Deny rule at the bottom and bypassing HIP-based policies. Refreshing VPN connection restores the access.
What are two reasons for this behavior? (Choose two.)
User mapping learned from sources other than gateway authentication can cause intermittent access issues if it conflicts with the expected user identity used in HIP-based policies. If the firewall is associating the user with an outdated or incorrect mapping, traffic may not match the intended security policies, leading to denials by the Catch-All Deny rule.
If the firewall loses user mapping due to missed HIP report checks, the user may temporarily lose access to policies that require a valid Host Information Profile (HIP) match. When the VPN connection is refreshed, the HIP check is re-initiated, restoring access until the issue repeats.
Herman
6 months agoLatonia
6 months agoBettina
7 months agoRebbecca
7 months agoCristina
7 months agoMalcom
7 months agoCatalina
8 months agoJaclyn
8 months agoKatie
8 months agoNorah
8 months agoTrina
8 months agoStanford
8 months agoLing
9 months agoSage
1 year agoTeri
1 year agoRaina
1 year agoLoreen
11 months agoFredric
12 months agoTijuana
1 year agoElizabeth
1 year agoLacresha
1 year agoViola
1 year agoNguyet
1 year agoTiara
1 year agoStanford
1 year agoIola
1 year agoGregoria
1 year agoSalley
1 year agoTeresita
1 year agoAdelaide
1 year agoLorriane
1 year agoWillodean
1 year agoJaney
1 year agoWayne
1 year ago