Traffic processing when user information may be outdated

Hello! Could you please explain what the default traffic policy is when new authentication agent/AD DC info is unavailable for some reason?

Do the user-based rules get automatically turned off or something?

Does the traffic that falls under user-based firewall rules get passed or dropped?



  • Hi Milosh,

    That depends on the Web Protection configuration on UTM. If the AD/DC is unavailable, which means the User is not authenticated, in such instances the User traffic will be dropped if the "block access on authentication failure" option is selected.

    Thanks

  • Hi, Milosh, and welcome to the UTM Community!

    You are correct that User/Group-based rules can't work if Authentication fails.  I would create another Policy at the bottom of the list of Policies for situations like this.  Just leave 'Users/Groups' empty in the Policy.  You might want to create a new Filter Action for the new Policy.  Of course, you'll want to follow Sachin's recommendation, too.

    Cheers - Bob