How to configure pass through in Paloalto firewall for a test

In some situations, you may want to configure a pass through on Paloalto Firewall for a test. In our case, the client has a problem to establish the SFTP connection. They would like to configure the pass through the firewall for a test. This video shows how to setup a test policy that allows the computer IP address 10.0.220.19 pass through the firewall.

1. Go to Policies>Security.  

2. Click on Add.

3. Type the Name, SFTP test in our example, and keep others as default.

4. In the Source tab, make sure the Source Zone is trust, and Source Address is 10.0.220.19, the local computer IP address which will be used to test SFTP connection.

5. Keep other setting as default or Any.

6. Commit.

7. Now, test.

If Monitor shows Application incomplete, Session End Reason aged-out, Byes Sent successfully, but Received is 0, it may be not firewall issue. This could other end issue.

You can also check the Detailed Log View, which shows Packets Received is 0. 

Note: remember to disable the policy after the test.

please view this step by step video:

Published by

Bob Lin

Bob Lin, Chicagotech-MVP, MCSE & CNE Data recovery, Windows OS Recovery, Networking, and Computer Troubleshooting on http://www.ChicagoTech.net How to Install and Configure Windows, VMware, Virtualization and Cisco on http://www.HowToNetworking.com