Thread Info
  • State Not Answered
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 22 replies
  • Subscribers 33 subscribers
  • Views 62100 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Blocked traffic not logged - Bug

lferrara

Today,


one of my external connection was not working, so I decided to have a look at Security Logs to see which port this application uses.

Blocked traffic is not logged. I filtered by destination IP (because I know the IP), but nothing appears. No filter, same result.

So to know which port was used, I created a Policy rule allowing ALL and then I was able to find the destination port.

This is a bug. Can someone do this test?

Luk



This thread was automatically locked due to age.
Parents
  • 0

    An implicit deny should exist on XG and should not be even erasable. I created a manual deny any any with logging enabled and now I can see normal blocked traffic.

    For sure, there is something wrong.

    [:^)]

  • 0 in reply to lferrara
    Could you please share a screen shot of the rule you created to make logging work? I am having a problem downloading new Windows Insider Builds and a logs don't show anything blocked so how could I fix this? The only way I can download new Windows Insider builds is I have to disable HTTP scanning for the device. This is a big pain to do each time.
  • 0 in reply to Big Ray

    Hi Big Ray,

    As I said when I open this thread, the XG has not implicit deny when it is installed (no normal). So blocked traffic was not logged because the defaul rule does not exist. So create a deny any any rule that is checked as last one and make sure you enable logging. See screenshot.

Reply
  • 0 in reply to Big Ray

    Hi Big Ray,

    As I said when I open this thread, the XG has not implicit deny when it is installed (no normal). So blocked traffic was not logged because the defaul rule does not exist. So create a deny any any rule that is checked as last one and make sure you enable logging. See screenshot.

Children