Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Google chrome block

Hi team,

Update of google chrome is geeting block in firewall through application control. In logs we didn't get a prevention logs also I found update for google chrome is allowed in application control setting.

Any suggestion

Category: Firewall Security Services
Reply

Answers

  • shiprasahu93shiprasahu93 Moderator

    Hello @Darshil,

    Please navigate to MANAGE | Log | Log settings and disabled the log events for App control Detection alerts as below.

    Also, make sure that the App control Prevention alerts are enabled with log redundancy value set to 0.

    You should be then able to see the signature that is blocking the update for Google Chrome.

    Also, feel free to perform packet capture for the source IP from where you are testing using the packet capture tool to make sure there is no other security feature interfering. You can check for dropped packets to confirm the same.

    If you still need further help, let us know!

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • NevyadithaNevyaditha Moderator

    Hi @Darshil ,

    To Add to the above information, Can you please check the App rules on the Sonicwall and policies if you have any that would be blocking the Chrome updates ?

    Thanks

    Nevyaditha P

    Technical Support Advisor, Premier Services

  • DarshilDarshil Newbie ✭

    @shiprasahu93 I already did that but havent found any signature related to google chrome blocking.

    @Nevyaditha No app rule policy is configured in firewall. we only do blocking via app control and cfs.

  • NevyadithaNevyaditha Moderator

    Hi @Darshil,

    Can you confirm if these signatures ID "11819 and 14146" on App Control are enabled or disabled ?

    Also as a workaround, can you add a IP address to the App control exclusion and check if the chrome updates is working or not ?

    Nevyaditha P

    Technical Support Advisor, Premier Services

  • shiprasahu93shiprasahu93 Moderator

    @Darshil,

    What is the drop reason that you see on packet capture? It could be either CFS or App control. When packets are dropped by CFS it tells 'Enforced Content Filter Policy' and 'IDP detection' for App control.

    Could you please try to perform a packet capture so that we can narrow down which security service might be an issue?

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • DarshilDarshil Newbie ✭

    @Nevyaditha I will check by tomorrow whether signature you given i disable or not.

    Yes we tested by excluding IP address in app control, its works fine after excluding from app control.

  • DarshilDarshil Newbie ✭

    @shiprasahu93 we were getting drop code"IDP detection" in packet capture.

  • NevyadithaNevyaditha Moderator

    @Darshil ,

    Please verify and keep us updated as how it goes.

    Nevyaditha P

    Technical Support Advisor, Premier Services

  • DarshilDarshil Newbie ✭

    @Nevyaditha we checked and found both the signataure is disable in our firewall.

  • shiprasahu93shiprasahu93 Moderator

    @Darshil,

    I would suggest looking for logs using the source IP field. There might be a different App control signature causing this.

    We have a lot of Google related signatures. Can you filter the logs for the source IP you are testing from and look for all App control prevention alerts.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • NevyadithaNevyaditha Moderator

    @Darshil ,

    I would agree with @shiprasahu93 . Please enable the logging under the App control and filter the logs for the source IP of the machine and set the log redundancy to 0 for App control prevention category and then monitor it.

    Nevyaditha P

    Technical Support Advisor, Premier Services

  • NevyadithaNevyaditha Moderator

    Hi @Darshil ,

    Please check the below KB on how to filter the Logs:

    Please filter the logs for the App control Prevention category and find the signature that is blocking the Chrome update.

    Thanks!!

    Nevyaditha P

    Technical Support Advisor, Premier Services

Sign In or Register to comment.