This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Application filter keeps getting overwritten

Hello.  After importing some firewall rules from another XGS3300 running 19.5.0 over the weekend, each morning I'm coming in to find that we can't access the internet. When I check the application filter for "Block high risk (Risk Level 4 and 5) apps", which is the filter we are using for our web filtering firewall rule, all that's there is "All Applications".

I've fixed 2 days in a row by importing that filter set from the other firewall but I need a way to stop that filter from getting overridden.



This thread was automatically locked due to age.
  • Update:

    To rule out a possible hardware problems, I attempted to restore the config to alternate hardware, but the firewall booted into failsafe mode.  After rebooting, it looked like about half the config had been imported.  I suspect that indicates we had a corrupt configuration.

    I restored the alternate hardware to factory config and rebuilt the config from scratch.  A couple test meetings I did worked fine, with Teams showing the same very low packet loss stats I see at my other sites. 

    Thanks for the input rfcat_vk and Vivek Jaged

  • Hey  ,

    Thank you for the update, As Teams uses UDP Port for communication, On the CLI, select option 4.) Device console
     execute the following command:

    1. Type: show advanced-firewall

      The output shows the current UDP time-out value next to UDP timeout stream.

      1. Type: set advanced-firewall udp-timeout-stream 300

      2. Type: set advanced-firewall udp-timeout 300

        This command increases the UDP time-out to 150 seconds. If your provider recommends a different value, use that.
        Ensure under the PROTECT > Intrusion Prevention > DoS & spoof Protection > DoS Settings > UDP flood is not enabled
      3. Additionally you can also refer my recommended read -  Sophos Firewall: How to prioritize the traffic via SD-WAN for the applications

    Thanks & Regards,

    Vivek Jagad | Team Lead, Global Support & Services 

    Log a Support Case | Sophos Service Guide
    Best Practices – Support Case

    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

Reply Children
No Data