topic Allow outbound web traffic by exception by session while utilizing authentication in General Topics https://live.paloaltonetworks.com/t5/general-topics/allow-outbound-web-traffic-by-exception-by-session-while/m-p/273661#M75065 <P>Is it possible to block all outbound http/https traffic on an authenticated per-session basis instead of a per-client basis? I currently have my PA setup so that it will only permit web traffic after authentication (using captive portal), however this appears to allow all outbound web traffic on the client, whereas I'm looking for it to continue blocking outbound web traffic except for the browser that initiated the authentication session.</P><P>&nbsp;</P><P>For example, if I've authenticated via Firefox, I'm able to get to outbound sites, however I'd like to have Chrome/Windows Updates/other services that utilize http/https on the same box to still require authentication.</P> Thu, 27 Jun 2019 19:59:10 GMT Garrett.Sears 2019-06-27T19:59:10Z Allow outbound web traffic by exception by session while utilizing authentication https://live.paloaltonetworks.com/t5/general-topics/allow-outbound-web-traffic-by-exception-by-session-while/m-p/273661#M75065 <P>Is it possible to block all outbound http/https traffic on an authenticated per-session basis instead of a per-client basis? I currently have my PA setup so that it will only permit web traffic after authentication (using captive portal), however this appears to allow all outbound web traffic on the client, whereas I'm looking for it to continue blocking outbound web traffic except for the browser that initiated the authentication session.</P><P>&nbsp;</P><P>For example, if I've authenticated via Firefox, I'm able to get to outbound sites, however I'd like to have Chrome/Windows Updates/other services that utilize http/https on the same box to still require authentication.</P> Thu, 27 Jun 2019 19:59:10 GMT https://live.paloaltonetworks.com/t5/general-topics/allow-outbound-web-traffic-by-exception-by-session-while/m-p/273661#M75065 Garrett.Sears 2019-06-27T19:59:10Z Re: Allow outbound web traffic by exception by session while utilizing authentication https://live.paloaltonetworks.com/t5/general-topics/allow-outbound-web-traffic-by-exception-by-session-while/m-p/273685#M75067 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/96310">@Garrett.Sears</a>,</P><P>That level of granularity isn't available and would be easy enough to bypass if you knew what you were doing and could fake an agent string. But to directly answer your question, no this isn't something that can be done from the firewall.&nbsp;</P> Thu, 27 Jun 2019 21:21:41 GMT https://live.paloaltonetworks.com/t5/general-topics/allow-outbound-web-traffic-by-exception-by-session-while/m-p/273685#M75067 BPry 2019-06-27T21:21:41Z