cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question
Vladimir
Pearl

Unexpected execution of inline layer rules

I am going through CP labs (11 Security Management Lab.pdf) in Infinity R80.10 training and am observing that in this policy:

Rule 5.5 is being executed on the traffic that should've been subjected to the treatment by the cleanup rule 4.3.

Rules 4.x are in a layer with content filtering blade only and rules 5.x are in a layer with Applications and URLs.

Actually, all of the App Control and URL filtering rules continue working normally.

Can someone tell me why would this be the case?

Tags (1)
0 Kudos
6 Replies
Highlighted
Admin
Admin

Re: Unexpected execution of inline layer rules

That would imply the traffic did not match Rule 4, which would be the only way for traffic to get to Rule 5.5.

What is the traffic in question?

0 Kudos
Vladimir
Pearl

Re: Unexpected execution of inline layer rules

VODKA | Smirnoff was blocked with notification.

0 Kudos

Re: Unexpected execution of inline layer rules

are you sure the source was within 192.168.101.0/24 but was still matched for parent rule 4 which is sources for 192.168.102.0/24 ? 

0 Kudos
Vladimir
Pearl

Re: Unexpected execution of inline layer rules

Positive.

0 Kudos

Re: Unexpected execution of inline layer rules

Can you share a screenshot of a log entry showing this?

0 Kudos
Vladimir
Pearl

Re: Unexpected execution of inline layer rules

Sorry, can't do: this was a cloud lab that is destroyed now and I was too slow to get the logs.

If I'll have time, I'll try to replicate it in my own lab.

0 Kudos