Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 18 replies
  • Subscribers 3 subscribers
  • Views 30777 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Allow certain traffic

A.M. Heijboer

Hello everybody,

I would like to ask you for help. The thing is that I wan't to allow certain services. These include Dropbox and Spotify.

I've allowed Dropbox and Spotify via Application Control (Web Protection > Application Control), but I am still seeying many red lines in the Firewall live log, where you can see the service (Dropbox or Spotify) and next to that you see that the packet has been dropped.

Since I've allowed them in Application Control, how could this happen?

Well, I hope somebody can explain to me what I'm doing wrong, and can give some advice, on how I can manage to do this in the most secure and efficient way.

Thanks a lot!

P.s. yes, I have disabled the IPS rules for Skype



This thread was automatically locked due to age.
Parents
  • 0

    Hi A.M.,

    Just to clarify you have web filtering/firewall rules in place to allow HTTP/HTTPS traffic out to the internet?

    Application control looks inside the packet at the application layer whereas the firewall is concerned with the network and transport layers. So therefore if you're not actually allowing out the initial connection then the application control will not fire because it happens after the firewall rejection.

    Easiest way to test is create a Local Network > HTTP & HTTPS > Internet IPV4 Allow Firewall Rule and see if Skype/Dropbox kicks into life. This would be better served by creating web filtering rules in transparent mode if you are actively trying to block websites but be careful as you can quite easily block Skype & dropbox there too.

    Hope that helps,

    Emile

  • 0 in reply to Emile Belcourt

    Sorry, did't know that [ I P ] was becomming [IP]

Reply Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?