04-15-2023 02:05 PM
I searched through and it looks like it's an know issue that speedtest.net is not correctly identified by app-id
I use app -default setting on the policy
The policy cannot really see speedtest.net's traffic and identifies the traffic as ssl, speedtest uses customer port tcp 8080 which is obviously not part of ssl app id defined by pal alto
to bypass i have added under service custom port 8080 tcp and app as ssl, not speedtest app id as it was not identified and working anyway - it works this way
but later on I have enabled ssl decryption for testing purposes, hoping that the app will be correctly identified byt the firewall, however it did not work, palo alto still sees speedtest .net as pure ssl traffic
what can be a problem?
04-20-2023 11:54 AM
Hi @nevolex ,
You can submit an application to Palo.
04-20-2023 12:37 PM - edited 04-20-2023 12:39 PM
I don't see traffic to 8080 when I run speedtest.net
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!