Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Alex_Weldon
Contributor

Custom Application by destination address / port combination?

Hi - R77.30

Using custom applications, I don't see a way to identify an application by destination address and port combination. Is this not currently supported in R77.30 / App control signature tool? I see there are various other ways to define but none that fit this particular case.

0 Kudos
8 Replies
G_W_Albrecht
Legend Legend
Legend

In R77.30 App Control this can be defined very easily:

- Application & URL Filtering > Applications/Sites > New

- type name for App (mySpecialSite) and click Next

- type IP (172.27.39.198:8080), click Add and click Next

- select Additional Categories and click Next

- click Finish

- use App in policy

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Alex_Weldon
Contributor

Thanks for that, what about an address range? 172.27.39.0/24 lets say.

0 Kudos
G_W_Albrecht
Legend Legend
Legend

An address range is no site.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
G_W_Albrecht
Legend Legend
Legend

...but you could try a regular expression instead !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Alex_Weldon
Contributor

Thanks, yeah I wasn't quite sure how to best address it. We have a few applications that reach out to a variety of address ranges with a defined port. But, they always show as unknown traffic wasn't sure if there was a solution for it in 77.30. Thank you for the suggestions though.

0 Kudos
Victor_MR
Employee Employee
Employee

However, I'm wondering if you would not prefer to just use a regular firewall rule for this (also full accelerated traffic) instead of an Application Control rule with just layer 4 information.

🙂

0 Kudos
PhoneBoy
Admin
Admin

The "Services" column is hidden in the R77.30 App Control rulebase but can be shown by right-clicking on the section headings in the rule and selecting Service.

Now you can restrict the ports for any App Control rule, if you desire.

0 Kudos
Alex_Weldon
Contributor

Thanks everyone for the suggestions. The rule is defined on the firewall side already with defined source, destination, and services. The issue I am trying to resolve is on the app control/url filtering side of things, all of the allowed known traffic is categorized as "Unknown Traffic" So we can sometimes have 1-2 gigs of "Unknown Traffic" even though it is a known and defined application which is what we were hoping we could define. I reached out to TAC who said they could create a custom application based on packet captures so I will provide them and see how it goes.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events