Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

TZ400 - App Rules - new fw 6.5.4.9-92n

BartManBartMan Newbie ✭
edited January 2022 in Entry Level Firewalls

Anyone else experiencing some funkiness with app rules that were previously working since updating to the new build  6.5.4.9-92n ?

Suddenly a host that was previously able to use VNC via an app rule exception ( and their backward exception logic ) is only getting some two-way communication to the target before IDP intercepts and kills the connection. Packet monitor shows the connection is reset as below:

-------------------------------------------

DROPPED, Drop Code: 131(IDP detection DROP_IP_IDP_RESET_CONNECTION), Module Id: 25(network), (Ref.Id: _7476_uyHtJcpfngKrRmv) 2:2)

Category: Entry Level Firewalls
Reply
Tagged:

Best Answer

  • CORRECT ANSWER
    BartManBartMan Newbie ✭
    Answer ✓

    This one was my fault entirely.

    Apparently the VNC flavor I was using was also using SOCKS, and app filter was blocking the socks component and I had to make a separate allow for SOCKS.

    Had to monitor the event viewer to realize that. Duh.

Sign In or Register to comment.