This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Application Firewall block all access

Hi,

[ASG 8.201].

When enabling 'Block clients with bad reputation' in the profile for the web application firewall, ASG blocks all access to the websites protected by it. The logs report for every client trying to access our websites:

Client is listed on DNSRBL black.rbl.ctipd.astaro.local

I've tried it myself also from 10 different clients from different ISP's. All gave the same error... Disabling the option restores access to the websites again.

Any idea?

Franc.

This thread was automatically locked due to age.

Parents

0 ulmi over 14 years ago

You most likely hit a bug which will get fixed in 8.202. The WAF not only checks the DNS entry black.rbl.ctipd.astaro.local, but also (erroneously) black.rbl.ctipd.astaro.local.YOURLOCAL.DOMAIN where YOURLOCAL.DOMAIN is the domain name used in your ASG hostname.

If YOURLOCAL.DOMAIN has an wildcard entry for all subdomains, the WAF will block all IP addresses.
Cancel
Vote Up 0 Vote Down

Cancel
0 FrancWest over 14 years ago in reply to ulmi

Hi,

ok, that explains it. Our external DNS has a wildcard entry for our domain name.

Franc.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 FrancWest over 14 years ago in reply to ulmi

Hi,

ok, that explains it. Our external DNS has a wildcard entry for our domain name.

Franc.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data