heartbeat denied?

For all clients or only for certain? 

Can you check the heartbeatd.log?

Which IP is it? 

https://community.sophos.com/kb/en-us/132211

The Heartbeat logs dont have any events for the IP in question, but its working for a linux client.  Im seeing the denied events in the firewall log, the IP is being denied by the firewall for some reason?  I had created a rule for Heartbeat traffic which was working?? 

Any ideas?

The Heartbeat logs dont have any events for the IP in question, but its working for a linux client.  Im seeing the denied events in the firewall log, the IP is being denied by the firewall for some reason?  I had created a rule for Heartbeat traffic which was working?? 

Any ideas?

Can you show us your Firewall ID 1? 

FW ID1

But i did setup a rule higher up than rule 1

Do you know what url the heartbeat uses??  I must be missing something in my Heartbeat rule..

Thanks

First of all, XG decides if a Rule matches on following criteria:

Source IP*

Destination IP

Service

*Source IP can be replaced with a Username. 

All other "Features" like Sync-Sec Heartbeat are additional action and will be applied, if the rule is applied.

The XG uses a first match system. So basically, if it finds a matching rule based on the criteria mentioned above, this rule will be applied. 

You cannot "clone" a rule without heartbeat. It will not be applied. 

Heartbeat is not a criteria to filter traffic. It will be applied no matter what you select. 

All IPs used by XG: https://community.sophos.com/kb/en-us/126576

Thanks for that link, its just what i need.