Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Vladimir
Champion
Champion

Unexpected execution of inline layer rules

I am going through CP labs (11 Security Management Lab.pdf) in Infinity R80.10 training and am observing that in this policy:

Rule 5.5 is being executed on the traffic that should've been subjected to the treatment by the cleanup rule 4.3.

Rules 4.x are in a layer with content filtering blade only and rules 5.x are in a layer with Applications and URLs.

Actually, all of the App Control and URL filtering rules continue working normally.

Can someone tell me why would this be the case?

0 Kudos
6 Replies
PhoneBoy
Admin
Admin

That would imply the traffic did not match Rule 4, which would be the only way for traffic to get to Rule 5.5.

What is the traffic in question?

0 Kudos
Vladimir
Champion
Champion

VODKA | Smirnoff was blocked with notification.

0 Kudos
Tomer_Sole
Mentor
Mentor

are you sure the source was within 192.168.101.0/24 but was still matched for parent rule 4 which is sources for 192.168.102.0/24 ? 

0 Kudos
Vladimir
Champion
Champion

Positive.

0 Kudos
Norbert_Bohusch
Advisor

Can you share a screenshot of a log entry showing this?

0 Kudos
Vladimir
Champion
Champion

Sorry, can't do: this was a cloud lab that is destroyed now and I was too slow to get the logs.

If I'll have time, I'll try to replicate it in my own lab.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events