This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject

PA-500 isn't allowing some Google services (Play store, calendar sync, etc.)

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

PA-500 isn't allowing some Google services (Play store, calendar sync, etc.)

kirkc
Not applicable

‎07-02-2015 02:05 PM

Pardon the noob query or lack of actual technical knowledge in our PA-500 but I've been asked by my supervisor to see what might be blocking some Google services/apps on our new PA-500. I've tried to monitor the IP address (my personal cell phone) and gain some insight via the monitor tab and the traffic and url filtering components of this monitor section and I can't come up with much. Has anyone battled this out there? It must be blocked at a pretty high level because everyone here in I.S. can't connect to these Google services and we're in a filter group that can get to almost anything.

Any ideas as to where to start? Please remember I'm not super fluent in the firewall but can certainly log-in and poke around if anyone has any ideas. Thanks a ton for any help. It is a bit of a big deal since we have a dozen Android tablets for our Home Care department and they need to be able to update apps, etc. As of now, everything seems to be blocked regarding the Play store, calendar and Gmail syncing. On a side note, ESPN alerts are not coming through as well which isn't cool, hehehee!! Thanks again --Kirk

Labels:
5 REPLIES 5

BLH
L2 Linker

‎07-03-2015 02:26 AM

Welcome to the forums Kirk,

If you go to the Monitor -> Traffic and filter on your IP ( addr.src in x.x.x.x ) can you see the Google applications being blocked?

Example below shows how Google Docs is blocked and Dropbox is allowed and what rule causes that.

allowdeny.jpg

pulukas
L7 Applicator

‎07-03-2015 04:55 AM

If you cannot find your logs for sessions you know occurred, then go to your policy list and make sure you have logging turned on for the policies.

You are looking in the right place, your traffic and url filtering logs would be where this should show up.

Steve Puluka BSEET - IP Architect - DQE Communications (Metro Ethernet/ISP)
ACE PanOS 6; ACE PanOS 7; ASE 3.0; PSE 7.0 Foundations & Associate in Platform; Cyber Security; Data Center
0 Likes Likes

kirkc
Not applicable
In response to BLH

‎07-03-2015 09:23 AM

Thanks BLH! I don't actually see anything obvious like that. I've tried to safe-list some of the things I do see but they must not be Google's IPs/domains. This is what I see from my IP (cell phone) and I just don't see anything that is obvious to Google. Could it be blocked before it even gets to this point?

2015-07-03 10_17_04-LHCIFSHBFW01 - Internet Explorer.png

0 Likes Likes

kirkc
Not applicable
In response to pulukas

‎07-03-2015 09:27 AM

Steven, there looks to be about 23 policies in that section. How would I know what to turn on, if it isn't already? How would I know which one to even investigate? Sorry...again, my supervisor set this whole thing up. Thanks for the reply and help.

2015-07-03 10_25_53-LHCIFSHBFW01 - Internet Explorer.png

0 Likes Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks