This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Question to app dependencies

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Question to app dependencies

MPI-AE
L4 Transporter

‎11-01-2016 03:32 AM - edited ‎11-01-2016 03:33 AM

Hi guys!

I'm new to Palo Alto.

Scneario:

I make a new rule from an inside zone to the internet with the app gmx-mail.

gmx-mail depends on web-browsing and ssl.

Do I have to add web-browsing and ssl to this rule to make gmx-mail work?

Or could I make another separate rule where I'm allowing web-browsing and ssl?

Thanks, Alex

0 Likes Likes
5 REPLIES 5

TranceforLife
L6 Presenter

‎11-01-2016 03:40 AM

Hi,

 

If the app dependent on other apps just allowing gmx-mail inside security policy won't work, you must allow web-browsing and ssl fro the rule to match. 

 

So all apps should be allowed withing one policy.

 

Thx,

Myky

0 Likes Likes

MPI-AE
L4 Transporter
In response to TranceforLife

‎11-01-2016 03:52 AM - edited ‎11-01-2016 04:01 AM

Thank you!

I would like to ask something else:

If I want to make a security rule with a service - not with an app:

Under objects -> services I define a new service. For example service xyz port number tcp 499. (just an example)

So how do I have to set up the rule?

Under Service/URL Category -> Service: I have to select "select" and then my service object.

But what do I have to select under Application? "Any" ?

I just want to allow port 499 (example), nothing else.

(when I have traffic there isn't an app)

Or is there an app for every traffic?

0 Likes Likes

kdd
L4 Transporter
In response to MPI-AE

‎11-01-2016 04:10 AM

Hi,

 

if you add app-id then it is more detailed. So if you choose port 449 and app-id xyz then

only app-id xyz with port 449 is allowed.

 

regards

Klaus

 

 

0 Likes Likes

MPI-AE
L4 Transporter
In response to kdd

‎11-01-2016 04:17 AM

Hi Klaus,

 

I think you are taking about the rule, right?

 

But what if I have a certain type of traffic there isn't an app. I can't choose an app in the rule, can I?

0 Likes Likes

kdd
L4 Transporter
In response to MPI-AE

‎11-01-2016 05:22 AM

Hi MPI-AE,

just select the port and the app-id is any.

cheers,

Klaus

0 Likes Likes
  • 2190 Views
  • 5 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks