V16 can't block Line messenger

ShunzeLee,

as best practice you should not allow any service from LAN to WAN zone, but only required ports should be enabled.

Anyway the application seems to be blocked from the logs but it works. Is the Micro-App Discovery checked on the Application rule you are using?

Can you try to disable micro-app discovery globally from CLI to see if the application is blocked?

From console type "system application_classification show" to check the current status and then "system application_classification off" to turn it off (without quota).

Thanks

Hi Luk,

I don't chek the Micro-App Discovery.

What I do is just deny Line Application.

And the same setting works great on V15, and let me sad on V16...

Shunze

Sophos doesn't care the issue?

It's suck...

HI ShunzeLee, 

Could you increase the packet size limitation of the IPS to 100 from default 8 from console . 

In console > set ips maxpkts 100

If it did not work then enable Micro App discovery and check the issue again

Thanks and regards

Aditya Patel

I block Line from Application filter, but you call me to adjust the IPS setting !?
The same setting works great on V15.

I want to know what's wrong with V16.
V16 should be better than V15, isn't it?

Hi ShunzeLee,

Well to diagnose the issue , Check if the settings mentioned works for you . IF it does not you may open a Service request and shall guide you further.

Thanks and Regards

Aditya Patel

The setting doesn't work.
Line still can use.

Even I enable the Micro App Discovery, it got the same result.

Only me got the issue in the world on V16???

HI ShunzeLee, 

Thank you for an update , I would request you to open a service request review the issue in person by our engineers and you may share your service request along with the link to this thread for reference . 

Thanks and regards

Aditya Patel

After I open case with Sophos, they identified it is an open issue which will be resolved in upcoming firmware release. 

Before the next release version, users can block Line with deny TOR proxy and Line application.

Or block the Line's IPs to deny traffic.

Hi ShunzeLee, 

I would test the policy from my end and get back to you .