- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
08-15-2021 11:12 PM - last edited on 08-19-2021 10:00 AM by jdelio
Hi
I have an issue about AVG and CDN. I used PA 220 with Details :
Software Version | 10.0.6 |
Application Version | 8435-6846 (07/27/21) |
Threat Version | 8435-6846 (07/27/21) |
Antivirus Version | 3791-4302 (07/28/21) |
Network | Layer 3 |
1. AVG Update
Regarding this issue, when I created specific rule with source IP address my workstation for AVG with application avg-update and I try hit update avg from my workstation. AVG update always failed, can not update. And I tried create specific rule with source IP address my workstation and application any, and I tried hit update avg from my workstation, sometimes failed and sometimes succeed. when I looked traffic AVG on Log Monitor Paloalto. Traffic AVG used avast-av-update or ssl application not used avg-update application. I have already update dynamic update to latest. the result always same, traffic used ssl and avast-av-update, sometime succeed updated and sometimes failed. Could community give me clue for resolve this issue, please?
2. CDN
I could access this CDN http://global.oktacdn.com/ with http (web browsing app), but when used ssl I can not access https://global.oktacdn.com/ https://koows.com/, refresh the , connection always reset. I used two platform windows and linux, the results always same. It is very unique, when I checked on Log:
- There is no traffic ssl arrived to paloalto from both platform
- there is no blocking from URL or Threat or Data Filtering
If I open github.com, google.com with ssl or another web with ssl, it is fine. I could open url expected global.oktacdn.com.
Could anyone give me clue for resolve this issue, please?
Thanks in advance
Jamwalriti
08-16-2021 10:53 AM
Are you actually logging interzone-default traffic (or have you created a logged catch-all rule)? Are you decrypting outbound traffic?
A default lab device running the latest dynamic updates and a basic rulebase configuration has no issue accessing the CDN address that you have listed above through either HTTP or HTTPS connections.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!