- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
08-26-2016 02:15 AM - edited 08-28-2016 11:40 PM
Hello,
Since a couple of days users encounter problems with the facebook app, all those users are using an Android device.
It isn't possible to post new messages, refresh new facebook messages and also notifications can not be refreshed. It seems that facebook is offline.
They never had this problems before. Using 4G and facebook works fine
I see in the Android playstore that there is an (facebook ) app update released on 22th august.
It could be related....?!
In the FW log I see al lot of denied connections to facebook subnets with the application "unknown-tcp"
subnets:
173.252.90.6/21
31.13.64.0/24
Are there known issues? Are there other PA users who experience this?
Best Regards,
Patrick
08-29-2016 04:12 AM - edited 08-29-2016 04:19 AM
The strange thing is that Facebook isnt identified as facebook or SSL traffic
it looks like you are blocking unknow-tcp andd non-syn-tcp. (that good in most implementations)
As workaround you could make a new application and make an application override for that with the facebook subnets and port 443.
Allow it in your policy and test again.
We have no issues with facebook on android devices here.
ps: Hallo Landgenoot 🙂
08-29-2016 08:41 AM
It looks like they are all referencing Facebook's edge and star servers. I had to build a custom signature to actually get these to identify correctly as they were taking up a lot of space on the unknown TCP and UDP traffic reports that we generate. I'm not sure why PA doesn't categorize these servers, or why you would just now be seeing the issue.
09-01-2016 05:31 AM
Hi Gertjan,
Thanks for the response.
For now is the app-override function an acceptable workaround.
But the problem occurs out of the blue without any policy changes.
It should be related (I think) to or facebook app updates or Palo Alto app updates. But what...
Best regards,
Patrick
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!