Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 2 subscribers
  • Views 2976 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall overrides Application Management

SalishSwede
I have an Application Management rule that allows XMPP [port 5222] traffic.
Yet when I attempt to use XMPP-based messaging I see the following...


15:05:06 Default DROP TCP 10.1.2.31 : 61629 → 69.171.241.10 : 5222 [SYN] len=64 ttl=63 tos=0x00 srcmac=4:c:ce[:D]c:50:82 dstmac=0:c:29:f2:87:19[FONT=monospace]15:05:07 Default DROP TCP 10.1.2.31 : 61629 → 69.171.241.10 : 5222 [SYN] len=64 ttl=63 tos=0x00 srcmac=4:c:ce[:D]c:50:82 dstmac=0:c:29:f2:87:19
[/FONT]
[FONT=monospace]15:05:08 Default DROP TCP 10.1.2.31 : 61629 → 69.171.241.10 : 5222 [SYN] len=64 ttl=63 tos=0x00 srcmac=4:c:ce[:D]c:50:82 dstmac=0:c:29:f2:87:19
[/FONT]
[FONT=monospace]15:05:10 Default DROP TCP 10.1.2.31 : 61629 → 69.171.241.10 : 5222 [SYN] len=64 ttl=63 tos=0x00 srcmac=4:c:ce[:D]c:50:82 dstmac=0:c:29:f2:87:19
[/FONT]



How do I keep the default firewall rules from overriding the Application Management rules?

Thanks,

Doug


This thread was automatically locked due to age.
Parents
  • 0
    By default, all network traffic is allowed when application control is enabled.

    That's confusing.  I wonder what the author meant by that?

    How could an AppCon Allow rule get ignored, leading to a default drop?  I don't think that can happen...  Dougga, please also show a picture of your Application Control rule along with the fill line from the Firewall log and any related lines from the same time in the Application Control log.

    Cheers - Bob
Reply
  • 0
    By default, all network traffic is allowed when application control is enabled.

    That's confusing.  I wonder what the author meant by that?

    How could an AppCon Allow rule get ignored, leading to a default drop?  I don't think that can happen...  Dougga, please also show a picture of your Application Control rule along with the fill line from the Firewall log and any related lines from the same time in the Application Control log.

    Cheers - Bob
Children
No Data