02-03-2016 05:30 AM
Hi all,
Doing some testing with a PAN-OS v6.0.0 VM-100. The command ‘set system setting logging default-policy-logging 300’ is configured so I am seeing log entries for traffic that is being blocked by the implicit deny rule for inter-zone traffic.
If I enable a security policy that permits any application I’m able to play a video on webpage: http://www.bbc.co.uk/news/uk-england-nottinghamshire-35472617
If I enable a policy with some application filtering I am now unble to play the video (which I expect) however I am not seeing anything being denied in the log.
This is a problem for me as I need to be able to see what exactly is being blocked in order to permit the appropriate application(s).
Can anyone suggest why I might be having this issue?
Thanks,
02-03-2016 06:38 AM
Hey there,
On version 6, there is no option to override and log the default rule. In order to have this logged, just simply create a new any to any deny all rule, set it to log at session end and place it at the bottom of your ruleset.
If you upgrade to 6.1 or higher you can override the 'interzone-default' rule which is now visible in the ruleset and set it to log.
hope this helps,
Ben
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
