Some HTTP sites is not accessible via Prisma Explicit proxy when "http header insertion" used with static values as authentication method.
3596
Created On 01/17/24 10:02 AM - Last Modified 01/28/25 06:43 AM
Symptom
- Saas Application Management/http header insertion is configured with Prisma Access Explicit proxy.
- Static values are configured instead of dynamic.
- When accessing http site, error "404 not found" is displayed.
- Packet capture displays the inserted header values for authentication in cleartext.
Environment
- Prisma Access Explicit Proxy
- Saas Application Management
Cause
- Prisma Remote Networks or PANOS converts header insertion values to base64 encoded values when dynamic values are configured by default.
- When a static value is configured for header insertion, base64 encode process is not done.
- Due to this Prisma Explicit proxy fails to load http pages.
Resolution
If static values must be used in header insertion for authentication, Configure base64 encoded values of static strings instead of cleartext value.