
New to XG: FTP rule for custom app right rule?

Hi all,

Just installed our first XG with a client, very happy so far.
I'm partway through my training and still finding my feet with the GUI.

I have a custom app making an FTP call for an update; it was being blocked. I have created a firewall rule and it's now not being blocked.
I just want to know if I've done this in the most efficient way.

I had tried to add an exception in a few places but couldn't see how to tie it down to an external IP address.

So I created a new user/network rule with the following setup:
Source zone: LAN -- Source network and devices: Any
Destination zone: WAN -- Destination networks: specific IP address -- Services: FTP
Matched known users and added the group.
Scan FTP for malware
Left everything else as is other than setting it to log traffic.

Was this the best way to add this rule?  I would have expected to have been able to add it as an exception to an existing rule?

Thanks in advance,
Luke



  • How you have it set up obviously works fine, but it’s tough to really say if it’s the “best” way to add the rule without knowing the rest of your setup. Do you know why FTP was being blocked? Was it another firewall rule blocking it? IPS policy? Application policy?

    In v18 (which is currently in beta), there’s an exclusion list feature for firewall rules but it still completely depends on your firewall rule setup (e.g. what rules you have below the rule you’re excluding it from).
