Url problem

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Url problem

L2 Linker

Hello everybody.

I allow a url. I also allowed categories for that url, but the site still doesn't work properly. There is a problem connecting to a server on that site and it is deny

 

Thanks in advance

7 REPLIES 7

Cyber Elite
Cyber Elite

Hello @Fagani

 

would it be possible to get more details? What are you seeing in URL and Traffic logs?

 

Kind Regards

Pavel

 

Help the community: Like helpful comments and mark solutions.

When the internet is full, everything works fine.
However, the site does not fully open when provided with limited internet. Paloalto records show visits to surveymonkey.com. These visits apply to different servers. There is only one server to which deny answers come from
 

Cyber Elite
Cyber Elite

Thank you for reply @Fagani

 

unfortunately based on information from your reply, I am having a difficulty to understand what the issue could be. If I were in your situation, my starting point would be looking into URL logs. The first thing I would make sure that all allowed URL categories have action set to alert. Alert action allows traffic and records the logs. Also for the policies that are getting hit by this traffic, I would check in the traffic logs for "byte received" to confirm there is a response from web server.

 

Kind Regards

Pavel

Help the community: Like helpful comments and mark solutions.

L2 Linker

@PavelK Thank you very much for answering me

L1 Bithead

We are having similar issues with security rules getting hit when a URL category is referenced. We moved the URL to destination instead of URL category and it fixed our issues. Let me know if you need more info on that and I can share our findings from the Palo Alto support case.

 

Regards,
Travis

Regards,
Travis

L2 Linker

@FBMTRAV Thank you very much. I need to know more about palo alto. I will be glad if you help

Okay, so to go into more detail, I'll explain how our URL security rule was written when it was broken and how we changed it to fix the problem.

 

1. In a broken state, we had a security rule with the URL referenced in a custom URL category. That Custom URL category was then added to the security rule. 

 

2. To Fix the problem we changed the URL Category in the security rule to Any and added each URL we wanted to permit in the Destination. When you add a URL to the destination of a security rule, you'll need to create an address object and choose FQDN.

 

Hope that helps!

Regards,
Travis
  • 3627 Views
  • 7 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!