Appstore and itunes on iOS

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Please sign in to see details of an important advisory in our Customer Advisories area.

Appstore and itunes on iOS

L1 Bithead

Hi all,

I have a problem with iTunes/AppStore on my PaloAlto firewall.

We have a default rule for surfing with URL filtering applied (including online-music category). Every time I try to connect with a iOS device to AppStore the traffic is denied because it is categorized as online-music (i can see this in session browser).

If I configure another rule before the default surfing rule with source: any, dest: any, app group apple (all available apple apps) and action: allow, then again the traffic is passed through the default surfing rule and the communication is denied. So this is not the sollution 😞

So I am asking, is there a sollution where I can keep my default surfing rule (with online-music URL filtered) and somehow allow traffic to iTunes and AppStore?

Best regards,



L4 Transporter


It is because itunes actually depends on another app- web-browsing. Which means for the first packet it will be classified as web browsing and you need to allow that packet and cannot block it by URL filtering.

So you can create a custom category and put in the category to allow it apart from just blocking online category only.



  • 1 replies
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!