https://live.paloaltonetworks.com/t5/next-generation-firewall/policy-clarification-for-ntp/m-p/1066008#M5371 <P>I have a policy configured on Palo Alto firewall with source as subnet 10.140.12.0/24 and destination as 10.140.13.0/24 with service as any and application has only icmp and ping.&nbsp;</P><P>&nbsp;</P><P>Will NTP be allowed from&nbsp;10.140.12.0/24 to 10.140.13.0/24 as the service is any or will it be blocked as application allowed is only icmp and ping&nbsp;</P> Mon, 13 Jan 2025 14:48:48 GMT ciscojuniperf5 2025-01-13T14:48:48Z https://live.paloaltonetworks.com/t5/next-generation-firewall/policy-clarification-for-ntp/m-p/1066008#M5371 <P>I have a policy configured on Palo Alto firewall with source as subnet 10.140.12.0/24 and destination as 10.140.13.0/24 with service as any and application has only icmp and ping.&nbsp;</P><P>&nbsp;</P><P>Will NTP be allowed from&nbsp;10.140.12.0/24 to 10.140.13.0/24 as the service is any or will it be blocked as application allowed is only icmp and ping&nbsp;</P> Mon, 13 Jan 2025 14:48:48 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/policy-clarification-for-ntp/m-p/1066008#M5371 ciscojuniperf5 2025-01-13T14:48:48Z https://live.paloaltonetworks.com/t5/next-generation-firewall/policy-clarification-for-ntp/m-p/1066034#M5372 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/149928371">@ciscojuniperf5</a>&nbsp;,</P> <P>&nbsp;</P> <P>If you have selected the application icmp and ping then NTP traffic will not pass through with the policy as application will not match with existing configured policy.</P> <P>&nbsp;</P> <P>Best Regards,</P> <P>Mohammad Talib</P> Mon, 13 Jan 2025 15:39:12 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/policy-clarification-for-ntp/m-p/1066034#M5372 mshekh 2025-01-13T15:39:12Z