This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Scheduling policies and continuous tcp sessions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Scheduling policies and continuous tcp sessions

Go to solution
itbrain
L0 Member

‎09-24-2009 05:26 AM

Dear Gentlemen,

Does anybody know how we can configure the policies to block a continuous TCP session when the schedule runs out?

The test we are trying to do is to block a skype discussion during a scheduled time.

During the 'allowed' time, we can launch skype and discuss normally. Good.

During the 'blocked' time, we are not able to connect skype to the web. Also Good.

But a contunious session, that was previously initiated during the permit time is not blocked when the allowed schedule runs out.

Thank you,

Olivier

Labels:
0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
mjacobsen
L4 Transporter

‎09-24-2009 10:40 AM

Olivier,

Currently the schedule for the policy is only applied at the time of

session setup. If the schedule says the session can be allowed at the

time of setup, it is allowed. The system does not have a mechanism to

go back and kill the sessions midstream when the schedule expires.

Mike

View solution in original post

0 Likes Likes
3 REPLIES 3

Go to solution
mjacobsen
L4 Transporter

‎09-24-2009 10:40 AM

Olivier,

Currently the schedule for the policy is only applied at the time of

session setup. If the schedule says the session can be allowed at the

time of setup, it is allowed. The system does not have a mechanism to

go back and kill the sessions midstream when the schedule expires.

Mike

0 Likes Likes

Go to solution
rps
L3 Networker
In response to mjacobsen

‎02-26-2010 08:22 AM

Wouldnt an enabled "rematch sessions" along with a commit just after the time is changed to disallow skype-calls fix this?

If so the followup question would be if its possible to schedule "commit force"? Smiley Wink

0 Likes Likes

Go to solution
ncampagna
Palo Alto Networks Guru
In response to rps

‎03-09-2010 03:39 PM

Yes, if you enable "rematch sessions" and then commit the configuration, the existing Skype sessions would be rematched to policy (and blocked in this case if the schedule dictates that action).

-Nick

0 Likes Likes
  • 1 accepted solution
  • 3857 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks