Web access issue

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Web access issue

L2 Linker

One URL does not access on browser, it shows error timed out. PA-3220 we are using.

1. Create one test rule - Where you allow everything for one source only.

2. Clone the test rule and deny the "Quic" application there and put it above the test rule.

 

But it is not working.

 

please help me for this

Knowledge
1 accepted solution

Accepted Solutions

Cyber Elite
Cyber Elite

Hi @sidhardhatech 

Sorry, didn't get you fully - What do you mean by "The url is pinging in browser and In traffic logs it allow ping only." ?

 

I would recommend you to confirm below things -

 

1. What are the traffic logs for the URL when accessed from the browser ? Is it matching desired security policy ?

2. Also if you have any security profiles attached to the security policy, kindly verify respective logs also for the web traffic.

3. Did you tried to take packet capture for the web traffic? Packet capture will give you more clarity.

 

 

M

View solution in original post

8 REPLIES 8

L4 Transporter

Hello @sidhardhatech 

 

 

Did you see the traffic is denied by the firewall due to the rule that you have created to deny the 'Quic' application? Are you able to access the URL with just the 'allow everything' rule? If the URL traffic matched to Quic application then as per your policy it will be denied hence the user won't be able to access it. You may try to narrow down it by looking into the traffic/threat/URL Filtering logs.

Anoopkumar
Network Security Engineer

L2 Linker

we created test policy 1st rule in top of policy , any to any. Url is pinging but not opening in browser.

 

sidhardhatech_0-1691404627115.png

 

Knowledge

L4 Transporter

Hello @sidhardhatech ,

 

Is the issue specific to a particular URL or affecting all traffic?

Have you enabled SSL decryption in the firewall?

Are you able to access the URL(s) when the firewall is bypassed?

 

 

 

 

Anoopkumar
Network Security Engineer

sorry for late reply

 

1. paritcular url we facing this issue

2. we are not using any decryption policy.

3. we have access the url , firewall is bypassing it.

The url is pinging in browser and In traffic logs it allow ping only.

 

Please share any document or any solution for this.

Knowledge

L2 Linker

Please update ?

Knowledge

Cyber Elite
Cyber Elite

Hi @sidhardhatech 

Sorry, didn't get you fully - What do you mean by "The url is pinging in browser and In traffic logs it allow ping only." ?

 

I would recommend you to confirm below things -

 

1. What are the traffic logs for the URL when accessed from the browser ? Is it matching desired security policy ?

2. Also if you have any security profiles attached to the security policy, kindly verify respective logs also for the web traffic.

3. Did you tried to take packet capture for the web traffic? Packet capture will give you more clarity.

 

 

M

while we are checking Pcap in Wireshark, we found tcp RST. 

problem is not solved

 

Knowledge

while we are checking Pcap in Wireshark, we found tcp RST. 

problem is not solved

Knowledge
  • 1 accepted solution
  • 1685 Views
  • 8 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!