01-23-2026 09:36 PM
hi my customer got an issue regarding palo alto.
This issue happens this
morning, no changes was done beforehand. The website was still accessible
yesterday until this morning.
We have done a few testings
as per below.
Office LAN users – Not
accessible
Bypass website’s Public IP
– Not accessible
Bypass website URL – Not
accessible
Wi-Fi users – Accessible
Personal hotspot –
Accessible
The impacted users are at the segment of 192.168.30.0/24. Why this happen ya ?
01-24-2026 03:53 PM
What URL and traffic log show from user towards website url/ip?
01-24-2026 08:47 PM
Hi,
Classic overnight PAN-DB recategorization, site got tagged high-risk / newly-registered / whatever and hit your block rule. Wi-Fi & hotspot work because they bypass the firewall.
Quick checks on firewall CLI:
texttest url example.com
request url-filtering debug host example.com
Check Traffic logs:
source 192.168.30.0/24 + url contains "example.com" → note the rule name and action (block/deny).
Fast fix:
Objects > Custom URL Category > New
Name: Allow-ExampleSite
Add: *.example.com
In the blocking rule (or new rule above it):
Source: 192.168.30.0/24
Destination: Allow-ExampleSite
Action: allow
Or temp allow by public IP if static.
For permanent: submit recategorization at https://urlfiltering.paloaltonetworks.com.
Paste the test url output + blocking rule name here and I’ll give you the exact config lines to commit.
Fixed?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
