Yesterday, we had some problems with application control, which I didn't understand.
We use a centrally configured (SMP) 730 appliance with version R77.20.81 (990172541).
We also use the firewall blade in strict mode and the application control is activated too:
So we configured something like this:
Outgoing access to the Internet
| LAN networks | Internet | ANY | 80, 443 | Accept |
| LAN networks | Internet | ANY | 50, 123 | Accept |
Incoming, Internal and VPN traffic
| VPN Domains | VPN Domains | ANY | Any (encrypted) | Accept |
Additionally, we have the auto-generated rules in the outgoing access tab (application control):
The undesired applications contain the following elements:
So we tested the connection between two branches, which are connected via S2S VPN (which is working correctly).
Most protocols worked fine, but we had some problems with SMB and RDP.
So I checked the log and found this:
There I could see that application control blocks internal (VPN) traffic on the outgoing interface.
As we can see above, there are no application block rules configured in the "Incoming, Internal and VPN traffic" section. Nevertheless, the traffic over port 3389 between the internal networks 192.168.14.x and 192.168.10.y was blocked.
So I had to configure an outgoing rule for the internal networks, which allows communication between the defined VPN networks:
As soon as I activated this rule, communication via the RDP and SMB protocols was working properly.
Does anyone have the same problem?
Is this an application control bug?
Thanks a lot.