This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Problem with CDN and AVG Update

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Problem with CDN and AVG Update

Jamwalriti
L1 Bithead

‎08-15-2021 11:12 PM - last edited on ‎08-19-2021 10:00 AM by

Hi

I have an issue about AVG and CDN. I used PA 220 with Details :

Software Version 10.0.6
Application Version 8435-6846 (07/27/21)
Threat Version 8435-6846 (07/27/21)
Antivirus Version 3791-4302 (07/28/21)
Network Layer 3

1. AVG Update

Regarding this issue, when I created specific rule with source IP address my workstation for AVG with application avg-update and I try hit update avg from my workstation. AVG  update always failed, can not update. And I tried create specific rule with source IP address my workstation and application any, and I tried hit update avg from my workstation, sometimes failed and sometimes succeed. when I looked traffic AVG on Log Monitor Paloalto. Traffic AVG used avast-av-update or ssl application not used avg-update application. I have already update dynamic update to latest. the result always same, traffic used ssl and avast-av-update, sometime succeed updated and sometimes failed. Could community give me clue for resolve this issue, please?

 

2. CDN

I could access this CDN http://global.oktacdn.com/ with http (web browsing app), but when used ssl I can not access https://global.oktacdn.com/  https://koows.com/, refresh  the , connection always reset. I used two platform windows and linux, the results always same. It is very unique, when I checked on Log:

- There is no traffic ssl arrived to paloalto from both platform

- there is no blocking from URL or Threat or Data Filtering

If I open github.com, google.com with ssl or another web with ssl, it is fine. I could open url expected global.oktacdn.com.

Could anyone give me clue for resolve this issue, please?

Thanks in advance

Jamwalriti

0 Likes Likes
1 REPLY 1

BPry
Cyber Elite
Cyber Elite

‎08-16-2021 10:53 AM

@Jamwalriti,

Are you actually logging interzone-default traffic (or have you created a logged catch-all rule)? Are you decrypting outbound traffic? 

A default lab device running the latest dynamic updates and a basic rulebase configuration has no issue accessing the CDN address that you have listed above through either HTTP or HTTPS connections. 

0 Likes Likes
  • 1713 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks