Question to app dependencies

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Question to app dependencies

L4 Transporter

Hi guys!

I'm new to Palo Alto.

Scneario:

I make a new rule from an inside zone to the internet with the app gmx-mail.

gmx-mail depends on web-browsing and ssl.

Do I have to add web-browsing and ssl to this rule to make gmx-mail work?

Or could I make another separate rule where I'm allowing web-browsing and ssl?

Thanks, Alex

5 REPLIES 5

L6 Presenter

Hi,

 

If the app dependent on other apps just allowing gmx-mail inside security policy won't work, you must allow web-browsing and ssl fro the rule to match. 

 

So all apps should be allowed withing one policy.

 

Thx,

Myky

Thank you!

I would like to ask something else:

If I want to make a security rule with a service - not with an app:

Under objects -> services I define a new service. For example service xyz port number tcp 499. (just an example)

So how do I have to set up the rule?

Under Service/URL Category -> Service: I have to select "select" and then my service object.

But what do I have to select under Application? "Any" ?

I just want to allow port 499 (example), nothing else.

(when I have traffic there isn't an app)

Or is there an app for every traffic?

L4 Transporter

Hi,

 

if you add app-id then it is more detailed. So if you choose port 449 and app-id xyz then

only app-id xyz with port 449 is allowed.

 

regards

Klaus

 

 

L4 Transporter

Hi Klaus,

 

I think you are taking about the rule, right?

 

But what if I have a certain type of traffic there isn't an app. I can't choose an app in the rule, can I?

L4 Transporter

Hi MPI-AE,

just select the port and the app-id is any.

cheers,

Klaus

  • 1903 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!