- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
11-16-2023 12:18 AM
Hello Everybody,
i thought i try the community for a change with my problem.
One of our departments recently asked for a policy change, so their server could access a ressource in the internet.
The rule is as simple as it gets. Source is their Server, Destination is a FQDN, Application SSL. (we don't decrypt). We already had a policy which allowed access to another FQDN which works perfectly fine.
With the new Destination though the palo alto recognizes the application as ms-office365-base. Even though communication is ssl encrypted. I read, that the palo can detect applications through ssl decryption and that i have to add that application to that policy for it to work.
Sooo i did exactly that and now i have a new weird problem. Connections are still denied. If i test the policy with ms-office365-base as application i land on the deny rule. If i change the app to ssl and leave the rest in the policy tester it works perfectly fine and matches my rule.
Any Idea what could be the Problem?
11-16-2023 05:41 PM
Hi @Stellinger ,
When you go onto the monitor tab and click on the detailed log view, does the traffic show the Decrypted flag checked?
11-20-2023 12:56 AM
Hi, sorry for the late reply,
Nope no decrypted flag set here.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!