Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Champion
Champion

Unexpected execution of inline layer rules

I am going through CP labs (11 Security Management Lab.pdf) in Infinity R80.10 training and am observing that in this policy:

Rule 5.5 is being executed on the traffic that should've been subjected to the treatment by the cleanup rule 4.3.

Rules 4.x are in a layer with content filtering blade only and rules 5.x are in a layer with Applications and URLs.

Actually, all of the App Control and URL filtering rules continue working normally.

Can someone tell me why would this be the case?

0 Kudos
Reply
6 Replies
Admin
Admin

That would imply the traffic did not match Rule 4, which would be the only way for traffic to get to Rule 5.5.

What is the traffic in question?

0 Kudos
Reply
Champion
Champion

VODKA | Smirnoff was blocked with notification.

0 Kudos
Reply

are you sure the source was within 192.168.101.0/24 but was still matched for parent rule 4 which is sources for 192.168.102.0/24 ? 

0 Kudos
Reply
Champion
Champion

Positive.

0 Kudos
Reply

Can you share a screenshot of a log entry showing this?

0 Kudos
Reply
Champion
Champion

Sorry, can't do: this was a cloud lab that is destroyed now and I was too slow to get the logs.

If I'll have time, I'll try to replicate it in my own lab.

0 Kudos
Reply