Hi,
I am relativly new to XG but spent some time playing and have got a few questions regarding denying or allowing applications.. I have gotten used to Ubiquity DPI Firewall built in to the EdgeRouters and I like the fact that I can apecify any combination of IP/Layer 3 info/Application/Time and make it accept or deny. I can say "Block Youtube", or Allow "Netflix" ont he top of the firewall and then I know it will always do what I want for the app only. If the app is not hit, it will contnue to other rules below.
I understand on XG, I can specify an application to be blocked or accepted in the "Identify and control applications (App control)" section of the rules. But this only shows up when do an accept action. The problem with that is that if I leave the Layer 3 options ANY/ANY then all other traffic is allowed and I don't have much control.
Here an example.
I want to allow gaming traffic to go through without it going through the proxy. so I wanted to add a rule on top to say allow gaming apps to pass without proxy. but if I do that, then it will also allow all other traffic and will not continue through to the other rules that might have proxy enabled.
Alternatively, if I want to block an application on the top of my rules, I can add a block app in the identity and control section to block it, but it will allow all other traffic because my rule is allow all.
There is no way for me to tell the firewall "Block Application XYZ" and if it's not this app just continue to the rest of the rules...
If you know what I am trying to say, please help. f not, I'll try to give better examples.
Thank you,
This thread was automatically locked due to age.
