We have a demand to allow skype for internal employees. However, we've created a security rule to allow the following applications:
Still skype couldn't connect with an error message "please check your internet connection and try again".
So I've added *.skype.com/* in the URL filteration > still doesn't work
Also I tried to user web-browsing instead of ssl > still doesn't work
and finally I've added both ssl & web-browsing > still doesn't work
When I checked the traffic log I found the following:
Session end reason: tcp-rst-from-client & tcp-fin & n/a
Does anyone know exactly whats going on here?
I will try that Terje.
When I added the policy "any any" today and commit the changes I got a warning that msn-base, ssl and web-browsing should be allowed as dependency apps also, but when I checked in https://applipedia.paloaltonetworks.com/ its not required. To double check this I shoot the command #show predefined application skype and those dependency apps were included. But again I've already tried and added them and still doesn't work.
I guess what I meant as an 'any any' rule was that it would be any destination and any applicaiton. This placed above all other security rules will let you know if this is a firewall issue or a network issue. If you still can't get to Skype with a set source address, any destination, and any application set to allow then it would indicate that your firewall isn't at fault here; something in front of your firewall is to blame for the issue.
Thanks for the help guys. I did the allow all rule with one source and when Skype didnt work we realised its not FW issue. However, we pluged the machine directly with the router towards the internet and it didn't work also, then we change the DNS to public on (220.127.116.11) and everything was working perfectly. They have an issue with their DNS server.
Facing same problem.
Skype in my Organization with these Destination and apps (need simple solution).
To work correctly, Skype requires unrestricted outgoing TCP access to:
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!