Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 14 replies
  • Subscribers 44 subscribers
  • Views 22273 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Rule to allow an specific application only

Robert152

Hello,

 

It's possible to create a rule to allow only one application? for example WhatsApp.


I tried, but the rule allows extra traffic



This thread was automatically locked due to age.
Parents
  • 0

    Hi Robert,

    you will need both web and application rules or you can create a fqdn and use that as a destination.

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 EAP

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    It's posible to post an example with images? (ex. WhatsApp)

  • +1 in reply to Robert152

    Hi Robert,

    I have setup a rule at the bottom of my rule table, yours would be at the top so that the rule is used.

    Please see the following screenshots. I have also but not required included match known users. I use clientless groups to manage access to various rules and networks.

    The first screenshot shows the selection of the whatsapp applications. There is a screenshot missing and that is the one used to setup the application rule.

    I hope you find this helpful?

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 EAP

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    FQDN * .whatsapp.net and web policy added to the rule.

    I just need a few days to try it.

    But I do not find this logical at all.

    I think it's complicated to allow a specific application that is also already recognized by the firewall ...

  • 0 in reply to Robert152

    Hi Robert,

    you have to create a application rule so that the already identified application is the only one you choose.

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 EAP

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    Hi, 

     

    In Destination Network what you have inside "Whatsapp test". All the IP of whatsapp or fqdn. Can you share with us the information that its inside. 

     

    Thanks. 

Reply Children
No Data
Unfiltered HTML