Application control & URL Filtering 77.30

Javad_Nicou · ‎2018-05-01

Hi Guys ,

I have r77.30 and not sure why incoming traffic from internet are going through this blade .

PhoneBoy · ‎2018-05-02

First of all, how do you know this is happening?

Second of all, do you have any App Control rules where the destination is not "Internet" but, say, "Any"?

Those are my initial guesses.

Javad_Nicou · ‎2018-05-02

PhoneBoy · ‎2018-05-02

That answers the first question, how about the second?

Javad_Nicou · ‎2018-05-02

PhoneBoy · ‎2018-05-02

Internet is determined by topology.

Which means the egress interface for the traffic from the gateway would be out an "external" interface for this to match.

Can you confirm this is the case?

(Of course, if you're also doing IPS on this gateway, you're taking the Medium Path hit already for the traffic going to your server anyway...)

Javad_Nicou · ‎2018-05-02

Hi Mate ,

Thanks for your time . I checked my topology and interface is leading out to Internet . I have internet facing firewall and then that firewall send traffic to the second firewall which is connected to reverse proxy and web server .

PhoneBoy · ‎2018-05-02

So the traffic is flowing like this:

Internet > FW > (Out external interface) > Other FW > Reverse Proxy > Web Server

If that's the case, it's expected behavior, as I said.

With R80.10 it would be possible to exclude this traffic from App Control with an appropriately designed policy.

Are you a member of CheckMates?

Application control & URL Filtering 77.30