08-03-2023 10:35 PM
One URL does not access on browser, it shows error timed out. PA-3220 we are using.
1. Create one test rule - Where you allow everything for one source only.
2. Clone the test rule and deny the "Quic" application there and put it above the test rule.
But it is not working.
please help me for this
08-10-2023 04:54 AM
Hi @sidhardhatech
Sorry, didn't get you fully - What do you mean by "The url is pinging in browser and In traffic logs it allow ping only." ?
I would recommend you to confirm below things -
1. What are the traffic logs for the URL when accessed from the browser ? Is it matching desired security policy ?
2. Also if you have any security profiles attached to the security policy, kindly verify respective logs also for the web traffic.
3. Did you tried to take packet capture for the web traffic? Packet capture will give you more clarity.
08-06-2023 08:04 PM
Hello @sidhardhatech
Did you see the traffic is denied by the firewall due to the rule that you have created to deny the 'Quic' application? Are you able to access the URL with just the 'allow everything' rule? If the URL traffic matched to Quic application then as per your policy it will be denied hence the user won't be able to access it. You may try to narrow down it by looking into the traffic/threat/URL Filtering logs.
08-07-2023 03:37 AM
we created test policy 1st rule in top of policy , any to any. Url is pinging but not opening in browser.
08-07-2023 08:21 AM
Hello @sidhardhatech ,
Is the issue specific to a particular URL or affecting all traffic?
Have you enabled SSL decryption in the firewall?
Are you able to access the URL(s) when the firewall is bypassed?
08-07-2023 09:44 PM
sorry for late reply
1. paritcular url we facing this issue
2. we are not using any decryption policy.
3. we have access the url , firewall is bypassing it.
The url is pinging in browser and In traffic logs it allow ping only.
Please share any document or any solution for this.
08-10-2023 12:43 AM
Please update ?
08-10-2023 04:54 AM
Hi @sidhardhatech
Sorry, didn't get you fully - What do you mean by "The url is pinging in browser and In traffic logs it allow ping only." ?
I would recommend you to confirm below things -
1. What are the traffic logs for the URL when accessed from the browser ? Is it matching desired security policy ?
2. Also if you have any security profiles attached to the security policy, kindly verify respective logs also for the web traffic.
3. Did you tried to take packet capture for the web traffic? Packet capture will give you more clarity.
08-11-2023 04:07 AM
while we are checking Pcap in Wireshark, we found tcp RST.
problem is not solved
08-11-2023 04:07 AM
while we are checking Pcap in Wireshark, we found tcp RST.
problem is not solved
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
