Gents,
we have the default application block response page enabled, however when users get app blocked this often happens, which doesn't help the support team troubleshoot the issue without having to go look for it?
Any ideas?
top of page
All things Palo Alto Networks
Comments (14)
Forum: Forum
bottom of page
You guys are the best!!
I just set it up. As soon as my ssl decryption kicks in it works as expected
you mean like this...
Also as a test I have opened the permitted IP address to our entire scope.
I have another application now, bitbucket and this is doing the same, I have even added computer-internet-info into our decryp rule and still no APP block page
You do have 'response pages' enabled in the management profile on the client zones, right?
then my best guess is that you'll need to enable ssl decryption so the firewall is able to inject an error page
no as you can see
do you have ssl decryption enabled and are there any decrypt errors? the firewall may not be able to decrypt the traffic so it can't inject the block page
any thoughts?
this is a via a browser and not the evernote app. So when a usr browses to the evernote rule they get the error page.
Do you have SSL Decryption enabled for this blocked page or URL category if accessing via browser ? You might need to decrypt in order for firewall to check actually it is web-browsing traffic & display HTTP response page.
its readable :) are you using evernote from the app or through a browser ? these app block things ae tricky to troubleshoot.
are you able to reliably simulate a proper response page with other applications ?
sorry its small lol
yes it was
have you been able to positively match this error page to a security action ? (is it reject or drop?)