This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Why UTM is allowing traffic when the top firewall rule is to drop for certain clients

Not sure what I am doing wrong.

I have defined a range of client IP address x.x.x.15 - x.x.x.50 for no Internet access. My firewall rule is as per attached.

Why the client machines in the IP range defined in "No Internet" are still able to browse Internet?

Does the range need to follow standard network range such as /32, /30, /28 etc or can it be any range?

Can someone, please help?

This thread was automatically locked due to age.

Parents

0 Scott_Klassen over 9 years ago

Proxies have a higher precedence than manual firewall rules, so if you've allowed traffic via use of a proxy, the manual firewall rule will not be evaluated. If using the Web Filtering for that host, you'll either need to block its' access in the proxy, by creating a blackhole NAT (NAT has higher precedence than proxy), or adding the host to the transparent skiplist (if using the proxy in transparent mode).

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Scott_Klassen over 9 years ago

Proxies have a higher precedence than manual firewall rules, so if you've allowed traffic via use of a proxy, the manual firewall rule will not be evaluated. If using the Web Filtering for that host, you'll either need to block its' access in the proxy, by creating a blackhole NAT (NAT has higher precedence than proxy), or adding the host to the transparent skiplist (if using the proxy in transparent mode).

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data