One of the applications (a default one in the Palo Alto) sometimes connects over an other port than the defined standard port for the application. Since I defined the plicys service as 'application default', this traffic gets blocked.
Its the application 'magister', which has a standard port of tcp,443 but sometimes connects over 943 & 4502.
The applications user manual (dutch, chapter 3.5) says this ports must be opened for optimal usage, otherwise the application can work slow.
Can i change this application in the firewall? Should i ask Palo Alto to change this? Should i create a custom application?
Thanks in advance!
You could add the ports a service instead of using application-default.
You also might want to reach out to TAC and have them review the application in case you would like the ports to be added to the application-default ones.
Hi Kiwi, Thanks for youre response!
I already added the ports as services for a workaround, but i think a better solution would be to change the application.
Probably a stuppid question, but what is TAC and how to reach them?
Sorry if that wasn't clear.
TAC = Technical Assistance Center ... or technical support :D
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!