This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
About nreynders
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- LIVEcommunity
- About nreynders
10-20-2021
3Posts
0Likes
0Solutions
Oct 20, 2021Last Visited
User
Activity
User
Profile
Latest posts by nreynders
| Subject | Views | Posted |
|---|---|---|
| 985 | 10-20-2021 07:25 AM | |
| 989 | 10-20-2021 07:21 AM | |
| 1533 | 01-29-2021 10:19 AM |
User Badges
Community Statistics
| Member Since | 10-06-2020 10:01 AM |
| Date Last Visited | 10-20-2021 10:45 AM |
| Posts | 3 |
10-20-2021
07:25 AM
Thanks for the additional info here! I have noticed Quic protocol coming through, but I can also replicate the issue on IE and Firefox. We implemented SSL decryption for our users since the time of my first post, now all reddit related traffic comes through as "reddit-base", still no reddit-posting. PA verified that they can replicate the bug on their end, said they are looking into it with CON-50447.
... View more
10-20-2021
07:21 AM
As an update, we've implemented full SSL decryption since my original post for users, and now the issue persists by having all reddit related web traffic come through as "reddit-base". Previously--when first implemented--"reddit-posting" app-id would appear and function normally. By excluding this from our allow rule we could prevent users from messaging, signing in, commenting, etc... seems to not be the case anymore. I opened a case with PA and they let me know this is a known issue being tracked as bug id CON-50447 but I don't have much more information than that. They are able to reproduce on their end, so hopefully some additional visibility will help.
... View more
01-29-2021
10:19 AM
Last year I implemented a rule to allow users in my company access to the reddit.com site. It is in our company policy to disallow sharing messages on social media, so I implemented this rule with URL filtering (chat/messages/etc...) and only allowing the appid "reddit-base", not "reddit-posting". This worked at the time, and has stopped functioning properly some time in the past year. Now, users are still limited from messaging/chat/etc... but can post comments and new threads on the site. This relates to SSL decryption as I was digging down the rabbit-hole and think that the "reddit-posting" appid has switched over to "web-browsing". I was wondering : 1. If I implement SSL decryption on reddit, will it pick up the "reddit-posting" appid again? 2. Why do I no longer see "reddit-posting" in my logs? 3. What can SSL decryption do--or can't do--to help me solve this issue? 4. Is this a more-so a question about how PA identifies appids for reddit?
... View more
- Tags:
- SSL Decryption
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
10-20-2021
10:45 AM
|
Latest Tags
No tags yet
LEGAL NOTICES
Copyright 2007 - 2022 - Palo Alto Networks