Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Contributor

Application Anonymizer Exception

Jump to solution

I have combined my Firewall and Applications and URL Filtering Policy now into a single layer and have a question about if I can add an exception to an Anonymizer category/OpenVPN?

I have created default recommended categories to block near the top of my rule base as attached.

I have a rule a few lines further down that requires OpenVPN which at the moment is being blocked due to the rules at the higher level.

I don't really want to move my rules above my recommended block rules, so was seeing if you are able to add an exception for the OpenVPN application to be allowed for a specific source and destination if possible?

This means I can leave all my rules in place and the exception would only allow this specific traffic from working.

Thanks

0 Kudos
1 Solution

Accepted Solutions
Advisor

Category Override only works for URL, so I don't see a way to not have OpenVPN dropped at the Block Anonymiser Rule.

 

When you block categories then rules that allows Apps/URLs that would be blocked need to be placed above where they are blocked.

Don't see a way around that, when customers want to generally block file sharing and storage then rules where they want OneDrive or DropBox get placed above that block rule for the category.

Don't really see the issue with the structure, otherwise would be creating lots of exceptions constantly to allow specific apps within a category that don't want general access too.

View solution in original post

0 Kudos
1 Reply
Advisor

Category Override only works for URL, so I don't see a way to not have OpenVPN dropped at the Block Anonymiser Rule.

 

When you block categories then rules that allows Apps/URLs that would be blocked need to be placed above where they are blocked.

Don't see a way around that, when customers want to generally block file sharing and storage then rules where they want OneDrive or DropBox get placed above that block rule for the category.

Don't really see the issue with the structure, otherwise would be creating lots of exceptions constantly to allow specific apps within a category that don't want general access too.

View solution in original post

0 Kudos