This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Url problem

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Url problem

Fagani
L2 Linker

‎05-16-2022 04:52 AM

Hello everybody.

I allow a url. I also allowed categories for that url, but the site still doesn't work properly. There is a problem connecting to a server on that site and it is deny

 

Thanks in advance

0 Likes Likes
7 REPLIES 7

PavelK
Cyber Elite
Cyber Elite

‎05-16-2022 05:14 AM

Hello @Fagani

 

would it be possible to get more details? What are you seeing in URL and Traffic logs?

 

Kind Regards

Pavel

 

Help the community: Like helpful comments and mark solutions.
0 Likes Likes

Fagani
L2 Linker
In response to PavelK

‎05-16-2022 06:01 AM 

When the internet is full, everything works fine.
However, the site does not fully open when provided with limited internet. Paloalto records show visits to surveymonkey.com. These visits apply to different servers. There is only one server to which deny answers come from
 
0 Likes Likes

PavelK
Cyber Elite
Cyber Elite

‎05-17-2022 05:50 AM

Thank you for reply @Fagani

 

unfortunately based on information from your reply, I am having a difficulty to understand what the issue could be. If I were in your situation, my starting point would be looking into URL logs. The first thing I would make sure that all allowed URL categories have action set to alert. Alert action allows traffic and records the logs. Also for the policies that are getting hit by this traffic, I would check in the traffic logs for "byte received" to confirm there is a response from web server.

 

Kind Regards

Pavel

Help the community: Like helpful comments and mark solutions.

Fagani
L2 Linker

‎05-18-2022 06:01 AM

@PavelK Thank you very much for answering me

0 Likes Likes

FBMTRAV
L1 Bithead

‎05-18-2022 07:21 AM

We are having similar issues with security rules getting hit when a URL category is referenced. We moved the URL to destination instead of URL category and it fixed our issues. Let me know if you need more info on that and I can share our findings from the Palo Alto support case.

 

Regards,
Travis

Regards,
Travis

Fagani
L2 Linker

‎05-18-2022 11:39 PM

@FBMTRAV Thank you very much. I need to know more about palo alto. I will be glad if you help

FBMTRAV
L1 Bithead
In response to Fagani

‎05-19-2022 05:02 AM

Okay, so to go into more detail, I'll explain how our URL security rule was written when it was broken and how we changed it to fix the problem.

 

1. In a broken state, we had a security rule with the URL referenced in a custom URL category. That Custom URL category was then added to the security rule. 

 

2. To Fix the problem we changed the URL Category in the security rule to Any and added each URL we wanted to permit in the Destination. When you add a URL to the destination of a security rule, you'll need to create an address object and choose FQDN.

 

Hope that helps!

Regards,
Travis
0 Likes Likes
  • 3621 Views
  • 7 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks