General Topics
Post a discussion here if you have general questions regarding configuration and troubleshooting for Palo Alto Networks products. Use this forum to collaborate with like-minded security professionals to improve your security posture.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Discussions

App-ID 'hotmail' false positive?

Hello,

after our recent newsletter distribution, we now see lots of blocked App-ID 'hotmail' in traffic directed to our web servers. Those are requests to HTML resources (images) just referred to from Hotmail website, most likely Hotmail users reading

...

gstrehl by L1 Bithead
  • 5171 Views
  • 11 replies
  • 0 Likes

Palo Alto and Cisco Wireless Controller

Dear All,

We have a Cisco Guest Wireless controller in the DMZ. A tunnel is established by the Cisco wireless controllers in the internal network to the wireless controller in the DMZ. The issue is the Guest users loose their connection intermittently

...

ashraf1 by Not applicable
  • 4071 Views
  • 2 replies
  • 1 Likes

Applications not being identified correctly

I am running into a  number of situations where the applications are not being identified correctly and thus not working.  I can see that the applications is using the correct port, but the PA shows it is "web browsing", unknown, etc.  Examples:

KaKao

...

BobW by L4 Transporter
  • 3253 Views
  • 4 replies
  • 0 Likes

traceroute application allows tcp port 80

Hi,

Received a call from a client said their external scanner shows their servers behind the firewall allows tcp port 80 connections and able to passive finger those servers, but there is no firewall rule permit tcp port 80 to those servers.  Digging

...

Resolved! unkown-tcp/udp session timeout?

Dear all,

What is the session timeout for unknown-tcp/udp?

Since this is an application which has no values set for timeout, can I conclude it will use the default-tcp/udp timeouts?

Kind regards

mr.linus by L4 Transporter
  • 5739 Views
  • 5 replies
  • 0 Likes

Resolved! Custom App for CRL downloads

Hi,

I am trying to create a custom app that will match CRL downloads, to allow them without any questions ask. Shouldn't be too hard : on a previous web security gateway, I would match a pattern like the following: "http://([^/:])*crl.*\.crl"

When tran

...

dennisss by L1 Bithead
  • 20251 Views
  • 20 replies
  • 0 Likes

Resolved! Block PSIPHON 3

Hi all,

 

Does anybody already try with success to block Psiphon (https://www.psiphon3.com) ?

It's quite easy when psiphon is configured in VPN mode but how can I do that when VPN is not used ?

 

Thanks in advance for sharing.

 

V.

VinceM by L5 Sessionator
  • 24233 Views
  • 13 replies
  • 0 Likes

How to submit incorrect app classification?

I'm having some difficulty navigating this site. I want to submit the application "Xbox Music" as streaming music (http://music.xbox.com). Currently it's being classified under "xbox-live" (online gaming).

Maxstr by L3 Networker
  • 3229 Views
  • 3 replies
  • 0 Likes

New AppID Category

I work for a K12 School district, and like many K12 school districts we are preparing for online testing for state proficiency testing.

We have also used online testing for AP testing, vocational testing, etc...

Online testing is one of the high priori

...

How to allow a specific file extension

I work for a K-12 school district that uses a program that reads books to students.  The file extension is .kes (KES is a file extension that belongs to Text Files of Kurzweil Educational Systems) and is blocked in our file blocking profile as an Enc

...

almay by L2 Linker
  • 3910 Views
  • 2 replies
  • 0 Likes

Resolved! Deny Facebook Posting

I've been playing around with trying to block Facebook posting but allow all other access to Facebook. I setup a deny rule for the 'facebook-posting' app and then setup a rule below it allowing 'facebook' but, this doesn't seem to stop posting. The l

...

Ash2k by L2 Linker
  • 5845 Views
  • 3 replies
  • 0 Likes

Resolved! Application 'github-base' and SSH

Hi all,

 

Can someone please explain why the "github-base" application depends on SSH?

 

We are running into a number of problems with web sites that are hosted on Github.  Users want to get to these sites for legitimate reasons.  IT people have also

...

RSKadish by L2 Linker
  • 13371 Views
  • 7 replies
  • 0 Likes

url_filtering problem

HI all,

We have a cluster of 2xPA3050, for protection to untrusted zone. Last week we enabled the trial license for url_filtering. Since that moment we have met a special problem. We use a citrix application over ssl in the cloud. This citrix server i

...

Labels