Beverley_Cudd
Contributor

Missing cleanup rule when a rule is definitely set


I am getting the following message even though we have a cleanup rule configured - Missing cleanup rule - Unmatched traffic will be dropped and not logged.

I have checked the Advanced tab in Manage Policies and Layers, Layers, and it is definitely ticked to Drop traffic. We also have a rule at the bottom of our policies as Any, Any, Any, Drop, Log.

We are running R80.10.

Timothy_Hall
Champion

Can you please provide a full-width screenshot of your cleanup rule as well as the warning below it?

 

"Max Capture: Know Your Packets" Video Series
now available at http://www.maxpowerfirewalls.com
Beverley_Cudd
Contributor

Have attached a copy of the config and rule as requested.

This seems to have only appeared since we upgraded the gateways from the 77.30 to 80.10 and the Management server from R80.0 to R80.10.

Also same for R75.30 that is managed by R80.10.

 

PhoneBoy
Admin
A rule is only considered a cleanup rule if it is "any any any" with either an accept or drop action.
What does your final rule look like?
Maarten_Sjouw
Champion
I have seen the exact same thing in a layer: as long as it is not the originally created cleanup rule, which is created when you create the layer (at least in R80.10), it is not seen as THE Layer Cleanup Rule.
Regards, Maarten

Beverley_Cudd
Contributor

New file attached showing what happens if I try to add a cleanup rule from the dropdown option.


Timothy_Hall
Champion

Set the Install On field in your cleanup rule to Any/Policy Targets and the warning will go away. As configured, your cleanup rule does not apply to all gateways, which is causing the warning.

Beverley_Cudd
Contributor
Thanks, that has cleared the message.
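
The two conditions given in the replies above (PhoneBoy: any/any/any with an Accept or Drop action; Timothy_Hall: Install On set to Any/Policy Targets), written as an added Python check that is not part of the original thread. The rule dictionaries and field names are a simplified, constructed model, not the Check Point management API schema or SmartConsole's own logic, and the gateway and object names are hypothetical.

```python
# Added example. The rule layout and field names below are a simplified,
# constructed model (an assumption), not the Check Point API schema.
ANY = {"Any"}
ALL_GATEWAYS = {"Any", "Policy Targets"}  # Install On values named in the thread
CLEANUP_ACTIONS = {"Accept", "Drop"}


def cleanup_rule_findings(layer_rules):
    """Return reasons the last rule of a layer would not count as a cleanup rule.

    An empty list means the rule meets both conditions stated in the thread.
    """
    if not layer_rules:
        return ["layer has no rules"]
    last = layer_rules[-1]
    findings = []
    for column in ("source", "destination", "service"):
        if set(last.get(column, [])) != ANY:
            findings.append(f"{column} is not Any")
    if last.get("action") not in CLEANUP_ACTIONS:
        findings.append("action is not Accept or Drop")
    targets = set(last.get("install_on", []))
    if not targets or not targets <= ALL_GATEWAYS:
        findings.append("Install On is not Any/Policy Targets")
    return findings


# Constructed sample layer: the final rule is Any/Any/Any/Drop but is
# installed on a single (hypothetical) gateway, the situation that
# Timothy_Hall's reply describes.
SAMPLE_LAYER = [
    {"name": "Allow web", "source": ["Any"], "destination": ["web-srv"],
     "service": ["https"], "action": "Accept", "install_on": ["Policy Targets"]},
    {"name": "Cleanup", "source": ["Any"], "destination": ["Any"],
     "service": ["Any"], "action": "Drop", "install_on": ["gw-branch-01"]},
]

if __name__ == "__main__":
    print("as configured:", cleanup_rule_findings(SAMPLE_LAYER))
    fixed = SAMPLE_LAYER[:-1] + [dict(SAMPLE_LAYER[-1], install_on=["Policy Targets"])]
    print("after fix:    ", cleanup_rule_findings(fixed))
```

The check covers only the two conditions stated in the replies; it does not model Maarten_Sjouw's observation about the originally created layer cleanup rule.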