
restricted fqdn or ip hosts - problem. Rule does not work

Hi all

I created a firewall allow rule with the destination as an FQDN (*.microsoft.com). Sadly, the rule does not work and the "deny all" rule is applied to the traffic. Kindly help.



This thread was automatically locked due to age.
  • Hi,

    A very vague request.

    Please provide log entries and copies of your firewall rules, including where in the firewall rule order your failing rule is.

    Ian

  • Hi rfcat

    Sorry for being so vague. The rule in discussion is at the TOP

    Here is the log 

    2018-03-29 12:25:29 Firewall messageid="01001" log_type="Firewall" log_component="Invalid Traffic" log_subtype="Denied" status="Deny" con_duration="0" fw_rule_id="0" policy_type="0" user="" user_group="" web_policy_id="0" ips_policy_id="0" appfilter_policy_id="0" app_name="" app_risk="0" app_technology="" app_category="" in_interface="Port4" out_interface="" src_mac="f4:8e:38:ff:30:e0" src_ip="192.168.30.101" src_country="" dst_ip="192.168.30.1" dst_country="" protocol="TCP" src_port="64429" dst_port="3128" packets_sent="0" packets_received="0" bytes_sent="0" bytes_received="0" src_trans_ip="" src_trans_port="0" dst_trans_ip="" dst_trans_port="0" src_zone_type="" src_zone="" dst_zone_type="" dst_zone="" con_direction="" con_id="" virt_con_id="" hb_status="No Heartbeat" message="Could not associate packet to any connection." appresolvedby="Signature"

    This is what I get when I change the destination to any

    2018-03-29 12:35:32 Firewall messageid="00001" log_type="Firewall" log_component="Firewall Rule" log_subtype="Allowed" status="Allow" con_duration="11" fw_rule_id="11" policy_type="1" user="" user_group="" web_policy_id="0" ips_policy_id="0" appfilter_policy_id="0" app_name="HTTP" app_risk="1" app_technology="Browser Based" app_category="General Internet" in_interface="Port4" out_interface="" src_mac="00: 0:00: 0:00: 0" src_ip="192.168.30.101" src_country="R1" dst_ip="192.168.30.1" dst_country="R1" protocol="TCP" src_port="64499" dst_port="3128" packets_sent="9" packets_received="11" bytes_sent="2565" bytes_received="5216" src_trans_ip="" src_trans_port="0" dst_trans_ip="" dst_trans_port="0" src_zone_type="LAN" src_zone="LAN" dst_zone_type="WAN" dst_zone="WAN" con_direction="" con_event="Stop" con_id="393258208" virt_con_id="" hb_status="No Heartbeat" message="" appresolvedby="Signature"
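
Added example, not part of the original thread or of the vendor's tooling: a small Python helper that parses the key="value" fields of the two log records quoted above and reports which fields differ between the denied and the allowed attempt and which stay the same. The records are trimmed to a subset of fields with values unchanged; the function names and the NOISE list are assumptions made for this example.

```python
import re

# key="value" pairs as they appear in the firewall log records quoted in the thread
PAIR = re.compile(r'(\w+)="([^"]*)"')

def parse_record(line):
    """Return the key="value" fields of one log line as a dict."""
    return dict(PAIR.findall(line))

def diff_records(a, b, ignore=()):
    """Return {field: (value_in_a, value_in_b)} for every field whose value differs."""
    keys = sorted((set(a) | set(b)) - set(ignore))
    return {k: (a.get(k), b.get(k)) for k in keys if a.get(k) != b.get(k)}

# Trimmed copies of the two records from the thread (subset of fields, values unchanged).
DENIED = ('2018-03-29 12:25:29 Firewall messageid="01001" log_component="Invalid Traffic" '
          'log_subtype="Denied" status="Deny" fw_rule_id="0" policy_type="0" app_name="" '
          'in_interface="Port4" src_ip="192.168.30.101" dst_ip="192.168.30.1" '
          'protocol="TCP" src_port="64429" dst_port="3128" src_zone="" dst_zone="" '
          'message="Could not associate packet to any connection."')
ALLOWED = ('2018-03-29 12:35:32 Firewall messageid="00001" log_component="Firewall Rule" '
           'log_subtype="Allowed" status="Allow" fw_rule_id="11" policy_type="1" '
           'app_name="HTTP" in_interface="Port4" src_ip="192.168.30.101" '
           'dst_ip="192.168.30.1" protocol="TCP" src_port="64499" dst_port="3128" '
           'src_zone="LAN" dst_zone="WAN" message=""')

# Per-connection values that differ on every attempt and say nothing about rule matching
# (assumption of this example).
NOISE = ("src_port",)

def compare(denied_line=DENIED, allowed_line=ALLOWED):
    """Return (changed, same): fields that differ and fields identical in both records."""
    denied, allowed = parse_record(denied_line), parse_record(allowed_line)
    changed = diff_records(denied, allowed, ignore=NOISE)
    same = {k: v for k, v in denied.items()
            if k not in NOISE and allowed.get(k) == v}
    return changed, same

if __name__ == "__main__":
    changed, same = compare()
    print("Fields that differ (denied -> allowed):")
    for field, (d, a) in changed.items():
        print(f"  {field}: {d!r} -> {a!r}")
    print("Fields identical in both records:")
    for field, value in same.items():
        print(f"  {field}: {value!r}")
```

In both records the client at 192.168.30.101 connects to 192.168.30.1 on TCP port 3128 through Port4; the denied record differs in carrying fw_rule_id 0, empty zones and the "Invalid Traffic" component.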
