What we know about Strict Mode limitations
- sk112858 ATRG: Gaia Embedded Appliances
Blocks all traffic, in all directions, by default. In this mode, your policy can only be defined through the Servers page and by manually defining access policy rules in the 'Access Policy > Firewall Policy' page.
- sk110749 Application Control does not work on Locally managed Embedded GAIA devices
If the FW blade is set to Strict:
The autoconfigured Application Control rule will be placed below ANY allow rules you manually created. You will need to manually add another Block rule, above the allow rule, for the applications you want to block.
- sk117832 How to open "Kerberos" protocol between two local networks of locally managed appliance, when Firewall on a "Strict" mode
Create a Policy rule that allows Internal network communication
- sk167236: 1500 / 1570R gateway blocking internal SNMP polling traffic when Firewall blade is in strict mode
Creating an outbound policy rule resolves the issue (Source Internal LAN, Destination ANY, Service SNMP, Action Allow).
- sk101187 In strict mode, Nodes behind 600/1100 are unable to access resources behind remote GW VPN tunnel
Add two rules, one for outbound and one for inbound, on the strict mode firewall, in the Incoming, Internal and VPN traffic section.
- sk106954 Blade updates fail when IPS set to "strict" mode on locally managed 600 appliance
CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist