topic Re: Policy application question in General Topics https://live.paloaltonetworks.com/t5/general-topics/policy-application-question/m-p/156173#M51263 <P>Hi,</P><P>&nbsp;</P><P>You need to configure "Application override".</P><P><A href="https://live.paloaltonetworks.com/t5/Learning-Articles/Tips-amp-Tricks-How-to-Create-an-Application-Override/ta-p/65513" target="_blank">https://live.paloaltonetworks.com/t5/Learning-Articles/Tips-amp-Tricks-How-to-Create-an-Application-Override/ta-p/65513</A>.</P><P>&nbsp;</P><P>This is the only way, in palo, to diable L7 analysis.</P><P>&nbsp;</P><P>Just keep in mind that by disabling L7, all security profile (Spyware / Antivirus ..) are disable on these flow.</P><P>&nbsp;</P><P>Hope help</P><P>&nbsp;</P><P>Rgds</P> Thu, 11 May 2017 07:58:54 GMT VinceM 2017-05-11T07:58:54Z Policy application question https://live.paloaltonetworks.com/t5/general-topics/policy-application-question/m-p/156161#M51261 <P>Hi</P><P>&nbsp;</P><P>So I created an application&nbsp;</P><P>&nbsp;</P><P>TEST HTTPS tcp/443</P><P>TEST HTTP tcp/443</P><P>&nbsp;</P><P>and a policy from any where to 10.10.10.10/24 application TEST HTTPS &amp; TEST HTTP allow</P><P>and then deny everything else</P><P>&nbsp;</P><P>if I go to my test box say 10.20.20.20/24 (different network), presume I can ping.</P><P>&nbsp;</P><P>&nbsp;</P><P>I run&nbsp;</P><P>telnet 10.10.10.10.443</P><P>&nbsp;</P><P>it connects and i type GET /</P><P>This will fail, but the PA's say its applicaiton web-browsing - it doesn't use my application type.</P><P>&nbsp;</P><P>how can I make it use my applation type and stop it from looking at the packets</P><P>&nbsp;</P> Thu, 11 May 2017 06:54:49 GMT https://live.paloaltonetworks.com/t5/general-topics/policy-application-question/m-p/156161#M51261 Alex_Samad 2017-05-11T06:54:49Z Re: Policy application question https://live.paloaltonetworks.com/t5/general-topics/policy-application-question/m-p/156173#M51263 <P>Hi,</P><P>&nbsp;</P><P>You need to configure "Application override".</P><P><A href="https://live.paloaltonetworks.com/t5/Learning-Articles/Tips-amp-Tricks-How-to-Create-an-Application-Override/ta-p/65513" target="_blank">https://live.paloaltonetworks.com/t5/Learning-Articles/Tips-amp-Tricks-How-to-Create-an-Application-Override/ta-p/65513</A>.</P><P>&nbsp;</P><P>This is the only way, in palo, to diable L7 analysis.</P><P>&nbsp;</P><P>Just keep in mind that by disabling L7, all security profile (Spyware / Antivirus ..) are disable on these flow.</P><P>&nbsp;</P><P>Hope help</P><P>&nbsp;</P><P>Rgds</P> Thu, 11 May 2017 07:58:54 GMT https://live.paloaltonetworks.com/t5/general-topics/policy-application-question/m-p/156173#M51263 VinceM 2017-05-11T07:58:54Z