This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

services (http,https)

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

services (http,https)

Go to solution
billpipes
L1 Bithead

‎03-01-2013 12:25 PM

Please excuse my ignorance, new to FW support and PAN.  What is the criteria for services, why is there only 2 http/https?

thx,

0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
sraghunandan
L5 Sessionator

‎03-01-2013 12:32 PM

These are pre defined ones , you can navigate to objects-services and create new ones.

View solution in original post

0 Likes Likes
10 REPLIES 10

Go to solution
sraghunandan
L5 Sessionator

‎03-01-2013 12:32 PM

These are pre defined ones , you can navigate to objects-services and create new ones.

0 Likes Likes

Go to solution
craymond
L4 Transporter

‎03-01-2013 02:00 PM

Services are used for anything that is not already defined as an application by Palo Alto. We have had to use them for many custom in house Apps. As sraghunandan said, http and https are defined by Palo Alto, and are used in NAT translation Rules.

An Application is the preferred method for defining a policy, as the application is defined by signatures, not just ports.

The inherent vice of capitalism is the unequal sharing of blessings; the inherent virtue of socialism is the equal sharing of miseries.

Go to solution
mikand
L6 Presenter
In response to craymond

‎03-01-2013 03:46 PM

Service is simply what others call a port.

Go to solution
craymond
L4 Transporter

‎03-03-2013 08:09 PM

As mikand said, they are just ports, and the criteria that is probably best practice is only use them when you can't use an application.

The inherent vice of capitalism is the unequal sharing of blessings; the inherent virtue of socialism is the equal sharing of miseries.
0 Likes Likes

Go to solution
mikand
L6 Presenter
In response to craymond

‎03-03-2013 11:52 PM

Speaking of ports, what about srcport - how to define that in a security rule in PA?

0 Likes Likes

Go to solution
sraghunandan
L5 Sessionator
In response to mikand

‎03-04-2013 12:43 AM

You can define source ports under services.

Go to solution
mikand
L6 Presenter
In response to sraghunandan

‎03-04-2013 12:56 AM

Doh! there it was, thanks! Smiley Happy

Page 232 in the PA-5.0_Administrators_Guide.pdf (for further references).

Is it possible to have the srcport being used displayed in the security policy list?

Go to solution
ExclusiveNetworksGermany
L3 Networker
In response to mikand

‎03-04-2013 02:19 AM

No, like all columns in Security Poliy

you can only name it i a way that i logical for you.

Like:

Service-Name: SRC-1026-TCP-25

Destination Port TCP-25

Source Port: 1026

Cheers

Marco

0 Likes Likes

Go to solution
mikand
L6 Presenter
In response to ExclusiveNetworksGermany

‎03-04-2013 02:35 AM

hmm, I guess that will be a doable workaround - thanks again!

0 Likes Likes

Go to solution
billpipes
L1 Bithead

‎03-04-2013 04:50 AM

Thanks for the fast replys.

0 Likes Likes
  • 1 accepted solution
  • 6216 Views
  • 10 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks