I have been experiencing below issue related to Mobile Access Portal.
My requirement is to just block specific Public IPs from accessing Mobile Access Portal. What I've done is, I change Mobile Access->Portal Settings->According to the firewall policy to enabled and placed an explicit security rule to block required source IPs and then below that placed an explicit security rule to allow any source IP to Mobile Access Portal.
My Mobile Access Portal got blocked as expected to the required blocked IP addresses. But issue is when I checked smart log it showed me that blocked requests are also matched with an implied rule and the action is accept instead of my explicit block rule. But other public IPs matched with my explicit allow rule where as I expected.
So my SIEM tool alerting us Blocked IPs are gaining access without getting blocked based on implied rule log.