Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Gregory_Welch
Participant

App Control issue with R80 MGMT, 1400 Appliance

Jump to solution

I recently build an R80.10 Management server and joined a gateway to it.  I ran into a problem.  The gateway is a 1470W Appliance that runs R77.20.40 Embedded GAIA.  I built a very basic policy and installed it without issue.  I then tried to turn on the App Control and URL Filtering Blades, then push a policy with App Control rules and got the following error (screen shot attached).  Does anybody know how I can use App Control and URL Filtering with my current setup?  I'm sure the long term fix is probably to wait for R80 version of Embedded Gaia, but that may be a while.  

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

This is a fairly standard issue that will occur when you are managing pre-R80 gateways with R80.

To work around this, you have to construct your policy in the manner that pre-R80 versions support.

Your policy package has to have two layers:

  • Firewall only (first one)
  • App Control / URL Filtering (second one)

Here's a screenshot that shows what the first layer should be like:

The second layer will have both Firewall and Applications & URL Filtering checked.

Your App Control rules will go in the second layer and will only be reached if the Firewall layer matches the connection with an Accept.

More details on the subject here: Application Control and URL Filtering Pre-R80 Security Gateways with R80 Security Management 

View solution in original post

2 Replies
PhoneBoy
Admin
Admin

This is a fairly standard issue that will occur when you are managing pre-R80 gateways with R80.

To work around this, you have to construct your policy in the manner that pre-R80 versions support.

Your policy package has to have two layers:

  • Firewall only (first one)
  • App Control / URL Filtering (second one)

Here's a screenshot that shows what the first layer should be like:

The second layer will have both Firewall and Applications & URL Filtering checked.

Your App Control rules will go in the second layer and will only be reached if the Firewall layer matches the connection with an Accept.

More details on the subject here: Application Control and URL Filtering Pre-R80 Security Gateways with R80 Security Management 

View solution in original post

Gregory_Welch
Participant

Thanks for the help.  I got to learn about "layers".  Thanks Again.

0 Kudos