Palo Alto Networks Knowledgebase: Application Dependency Warnings with Allowed Enabler Application

Application Dependency Warnings with Allowed Enabler Application

6637
Created On 02/07/19 23:47 PM - Last Updated 02/07/19 23:47 PM
Policy
Resolution

Issue

After allowing dependent applications in a different security policy, a commit on the Palo Alto Networks firewall displays an application dependency warning:

13341_Screenshot1.pngApplication Dependency Warning

 

Resolution

 

  1. Create new services at Objects > Services, as shown in the example, by identifying the ports used by dependent-app under Objects > Applications:
    13530_Screenshot6.pngApplications
    Ports used by application Citrix:
    13531_Screenshot7.pngCitrix ports
    Ports used by application Socks (dependent-app):
    13532_Screenshot8.pngSocks ports
  2. Go to Policy > Security and select desired policy. Click Service/URL Category.
  3. Add the services created in the previous steps.
    13533_Screenshot9.pngServices
    Sample configuration committed successfully with no warnings:
    13425_Screenshot5.pngNo warnings

For more information on enabler-app and dependent-app, refer to the following document: How to Check if an Application Needs to have Explicitly Allowed Dependency Apps

 

owner: hyadavall



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClraCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language