Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Yanik
Explorer
Jump to solution

R80.10 Inline layers issue

Hi Guys.

After upgrading from 77 we started to check new  80.10 options, specially Inline rules.

We build the rule 157.1 as on the image but in the log I see that "matched rules" are this one and the one in Application Layer as on the image.

My question is, if I use App layer inside the Inline mode the packet has to to go to the App Layer ?

 

Thanks, Yan

 

0 Kudos
1 Solution

Accepted Solutions
Maarten_Sjouw
Champion
Champion
When you still have a application layer on top of your inline application layer, it will still pass the traffic through the application layer.
All traffic will pass though the access policy first and then the application layer.
So when you want to apply inline layers for the Application control and URLF, you should remove the application layer as ordered layer.
Tip: When you set the application layer as a shared layer first, publish and then remove the apllication layer from the policy editor, you can reuse the policy as a inline layer.
Regards, Maarten

View solution in original post

0 Kudos
3 Replies
Maarten_Sjouw
Champion
Champion
When you still have a application layer on top of your inline application layer, it will still pass the traffic through the application layer.
All traffic will pass though the access policy first and then the application layer.
So when you want to apply inline layers for the Application control and URLF, you should remove the application layer as ordered layer.
Tip: When you set the application layer as a shared layer first, publish and then remove the apllication layer from the policy editor, you can reuse the policy as a inline layer.
Regards, Maarten
0 Kudos
Yanik
Explorer

Thanks Maarten,

This means I have to enable the App Control on this basic layer anyway, as I show in the attachment 

or enabling it in the inline is enough ?

 

 

 

 

0 Kudos
Maarten_Sjouw
Champion
Champion
Just enable it in the inline layer, that is sufficient. Unless you want to build APCL/URLF rule in the main policy.
Regards, Maarten

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events