cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who rated this post

L0 Member

I know this thread seems to be a few months old, but I wanted to add that I had to do this exact thing this morning on one of our FWs and it worked fine.  

Whats-app chat and calls are still allowed.

however, file transferring (even voice notes) is not.  

The rule I used looks like:

KarienVerster_0-1670506794649.png

Basically, everything WhatsApp needs to work is allowed in this rule, except the 'whatsapp-file-transfer' application

 

Our catch-all-block-rule at the end of our security policies will catch the file transfers, which is not explicitly allowed anywhere, and block them. 

We don't have any special decryption configured either. Palo Alto correctly classifies all this traffic so we could create this rule without issue.

 

We are using a PA460, on Firmware 10.2.3 if this helps.  

 

@Thomasevig perhaps check your monitoring on the FW, while doing a file transfer on WhatsApp to see if your traffic is correctly classified.  If yes, then this rule should work for you.  

 

tbh - I was trying to get only uploads on WhatsApp blocked, with downloads still working.  But I was unable to get this working.  It is either a block all file transfer or nothing it seems.

Who rated this post