Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

URL not accessible in Chrome and same working in Firefox

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Palo Alto Networks Approved
Palo Alto Networks Approved
Community Expert Verified
Community Expert Verified

URL not accessible in Chrome and same working in Firefox

L2 Linker

User trying to access external site, That particular website is not accessible getting "This site can’t be reached".

The same URL is working on Firefox. 

Request traffic from chrome not reaching paloalto, the same from Firefox I can see the traffic logs.

Other websites working in chrome browser through paloalto. 

The reported site is accessible in same machine, chrome browser outside network(not company LAN).

 

Thanks,
Sharthu
4 REPLIES 4

L0 Member

How is the firewall identifying the traffic when using browser?

When using browser, What is the category you see in the logs ? What is the URL you see in the logs ?

L4 Transporter

@JANARTHANAN1392 Do you use proxy in your environment? Browser can be configured to use or bypass your companies proxy and this would explain different connectivity behaviour when using different browsers. 

@batd2  No proxy settings in browser level. As I said I can see other external sites logs in palo. 

I want to add one more thing here,

Reported site is accessible if I add the site url in ssl decryption bypass. Before adding it same URL is accessible firefox browser and not on chrome & Edge. 

Thanks,
Sharthu

L4 Transporter

@JANARTHANAN1392 Another possible reason for the different browser behaviour could be the Quic protocol used by Chrome and Edge, which is Chrome based. 

Please see article below. You can try blocking quic as recommended: 

 

Palo Alto Networks recommends creating a security policy in the firewall to block the QUIC application. With the QUIC traffic getting blocked by the Firewall, the Chrome browser will fall back to using traditional TLS/SSL.

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClarCAC

 

 

  • 6288 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!