Allowed sites not loading correctly

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Allowed sites not loading correctly

L0 Member

I am new to Palo Alto Firewalls so I am trying to figure this out. In our policy we have facebook allowed and it is not displaying the whole page. Am I missing something? 



Please note you are posting a public message where community members and experts can provide assistance. Sharing private information such as serial numbers or company information is not recommended.
Rommel Rodriguez
4 REPLIES 4

Cyber Elite
Cyber Elite

Assuming workstation IP is 1.2.3.4

Go to Monitor > Traffic and use filter below

( addr.src in 1.2.3.4 ) and (( action neq allow ) or ( session_end_reason eq threat ))

 

Also check Monitor > URL Filtering with following filter 

( addr.src in 1.2.3.4 ) and ( action neq alert )

 

Do you see anything being blocked?

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

Nothing blocked
Rommel Rodriguez

Cyber Elite
Cyber Elite

@rommel-madix,

Assuming that things are default and you don't have a catch-all rule with logging enabled or logging enabled on the interzone-default rule, I'd recommend temporarily overriding the interzone-default entry to log at session end and verify that you're actually allowing all of the necessary traffic.

Keep in mind when dealing with URL categories as match criteria, by default you won't receive URL logs from your clients unless they're assigned a URL Filtering profile that has every single category set to at least 'alert' or higher. 

L6 Presenter

In addition to what @BPry said about enabling logging on the default interzone deny rule, open up Chrome and turn on Developer Tools. Then navigate to the Facebook page and look in the Developer Tools network tab and look for 400/500 status errors. That will give you an idea of which elements of the page may be blocked. "Facebook" is a collection includes from a lot of different domains (facebook.com, facebook.net, fb.com, fbcdn.net, etc.) and third party domains.

  • 1871 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!