Palo Alto Networks Knowledgebase: How to Schedule Policy Actions
How to Schedule Policy Actions
Created On 02/07/19 23:36 PM - Last Updated 02/07/19 23:36 PM
Policies can be set to perform configured actions on session traffic at scheduled times and days.
On the WebGUI, go to Objects > Schedules then click Add. Choose daily, weekly or non-recurring. To select multiple days during the week, choose weekly, day of week, start time, end time, then add.
On the CLI: > configure # set schedule schedule-block-youtube recurring daily 09:00-18:00
On the WebGUI go to Policies > Security > Security Policy Rule > Schedule > Actions.
On the CLI: > config # set rulebase security rules block-youtube from L3-Trust to L3-Untrust source any destination any application youtube schedule schedule-block-youtube service any log-end yes action deny
Continue adding each day until the list is complete.
Commit the change.
Note: Sessions begun before the scheduled start time are not affected by the policy if session rematch is not enabled (Device > Setup > Session) AND a manual commit is made.
Commit MUST be ran manually via “commit force” from the CLI, or by adding/modifying something in the policy in order to have the option to commit via the WebGUI.