05-10-2017 11:54 PM
Hi
So I created an application
TEST HTTPS tcp/443
TEST HTTP tcp/443
and a policy from any where to 10.10.10.10/24 application TEST HTTPS & TEST HTTP allow
and then deny everything else
if I go to my test box say 10.20.20.20/24 (different network), presume I can ping.
I run
telnet 10.10.10.10.443
it connects and i type GET /
This will fail, but the PA's say its applicaiton web-browsing - it doesn't use my application type.
how can I make it use my applation type and stop it from looking at the packets
05-11-2017 12:58 AM
Hi,
You need to configure "Application override".
This is the only way, in palo, to diable L7 analysis.
Just keep in mind that by disabling L7, all security profile (Spyware / Antivirus ..) are disable on these flow.
Hope help
Rgds
05-11-2017 12:58 AM
Hi,
You need to configure "Application override".
This is the only way, in palo, to diable L7 analysis.
Just keep in mind that by disabling L7, all security profile (Spyware / Antivirus ..) are disable on these flow.
Hope help
Rgds
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
