Best Practice "Allow New Apps" rule is blocking an URL

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Best Practice "Allow New Apps" rule is blocking an URL

L2 Linker

Hi Experts

one of our devOps guy use "Postman" and getting connection reset while using the URL" xxx.yy.api.zzzz.io/" (TCP 443)

Log shows Traffic is allowed but URL is getting blocked by the Same RULE called "Allow New App" its a default best practice rule and doesnt allow me to change the URL or add a bypass. What is the best way to overcome this ? I really dont want to add a new rule above this Best practice rule. 

 

 

Ariq_Aziz_4-1698291649163.png

 

Ariq_Aziz_3-1698291630138.png

 

Thanks

ARIQ

 

3 REPLIES 3

Any workaround for this?

Cyber Elite
Cyber Elite

Are you blocking any of the categories listed under "URL Category List" on your first screenshot?

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

L0 Member

Hi @Ariq_Aziz,

The URL Category "insufficient-content" is blocked by default for best practices. I've hit this same issue in my home lab (PA-440) with various other API traffic as well as services utilizing CDNs (such as Netflix content). My suggestion would be to create a custom URL category to allow specific traffic through, so the default URL category "insufficient-content" can still block other traffic.

 

Create a Custom URL Category:
https://docs.paloaltonetworks.com/advanced-url-filtering/administration/configuring-url-filtering/ur...

  • 2765 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!