Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Matlu
Advisor

No explicit traffic match.

Hello.

I have an explicit rule for SNMP traffic, through a S2S VPN.

The rule is working fine, except for SNMP traffic, because when our manager (Zabbix) sends SNMP requests (UDP/161) to resources on the other side of the VPN, the traffic is MATCHING with a "free" rule that is below our explicit rule.

Explicit Rule -> #98
Src: Local_Network_CP
Dst: Red_Remote_Cisco
Service: SNMP, SSH, HTTP, HTTPS
Action: Accept

Free Rule -> #140
Src: Red_Local_CP
Dst: Any
Service: Any
Action: Accept

Traffic such as SSH, HTTP, HTTPS, does match our explicit rule, but SNMP does not.

Any idea why this might be happening?

Regards.

0 Kudos
1 Reply
PhoneBoy
Admin
Admin

Have you done any debugging to see how the gateway sees this traffic?
Guessing fw monitor might be the right tool for this...

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events