For details on cookie usage on our site, read our Privacy Policy
Need to Allow Video-Streaming from Specific Website
- LIVEcommunity
- Discussions
- General Topics
- Need to Allow Video-Streaming from Specific Website
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Need to Allow Video-Streaming from Specific Website
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-20-2020 11:47 PM
Hello Dears,
Requirement:- I want to allow only some educational videos (educational videos belong from training and tools URL category) for my environment.
Below i have tried:-
- I have checked all the streaming videos played on YouTube or any the streaming media category.
- When we allow traffic for training and tools as well as streaming media category the website working fine.
- But according to my requirement only learning video should be play rest should be block.
- I have tried to achive my requirement by the below documents:-
- https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClikCAC
- According to the documents to achieve my requirement there is one option “Overrides” in URL filtering. But unfortunately this option is not available in latest PAN-OS (“Override” option was available on previous version). my PAN OS is 9.1.3
Could you please suggest is there any other way to achive my requirement.
Thanks.
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-21-2020 05:35 AM - edited 10-21-2020 05:36 AM
Hello
Yes, I can understand your query now.
It is simple, and let me explain.
In previous versions, the Override was used an "Allow" or "Block", that was processed before the built in categories.
in 9.1.3, the functionality is the same. Look for creating two (2) Custom URL categories.
One will be (blocking) *.youtube.com
The other one will be for those site you want to allow:
- *.googlevideo.com/videoplayback
- www.youtube.com/embed
- www.youtube.com/yts/jsbin/
- www.youtube.com/yts/cssbin/
- www.youtube.com/get_video_info?*.[your-company-domain].*
Be sure to look at the two attached pics on this thread/response.
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-21-2020 06:50 AM
It means i need to create a policy like this:-
source one- inside
source address- any
destination zone - outside
destination address - any
application - any
service - any
action - allow
in security profile - need to create a URL filtering that is mention by you and all other URL category should be block. is this correct.?
- Mark as New
- Subscribe to RSS Feed
- Permalink
10-21-2020 11:51 AM
Yes, that could work fine.
Totally different comment here:
Question though... WHY such an open rule? Can you lock it down?
Can you make 2 security policies, to accomplish the same thing.
Traffic from SZone to DestZone (IP of tube), using youtube application on APPOVED_Youtube_URL, on application default?
Next rule.. deny ALL traffic to youtube?
- What is source of SSO and how to stop it in General Topics
- Panorama push errors None after upgrade in General Topics
- Slow File Downloads over a new PA3220 in General Topics
- EXCHANGE KEY ECDHE insufficient size Global Protect in GlobalProtect Discussions
- GP Issue while Migrating from PA-3020 to PA-460 in General Topics
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
