My firewalls rules stop working

  • 1.  My firewalls rules stop working

    Posted 12-05-2018 16:35

    My firewall rules stopped working. We have AP141; the firewall policy is declared on the profile, application rules are specified with deny as the action, and I updated my devices, but it is not blocking either applications or a simple URL like netflix.com. Can anyone help? Thanks in advance.



  • 2.  RE: My firewalls rules stop working

    Posted 12-05-2018 21:09

    What HiveOS are you using? We'll want to stay current so we can be sure to use the latest application signatures, so we can best interact with the different applications we're interfacing with. If you are on the latest HiveOS, could you send me a screen shot of your firewall rules and possibly tech data from the AP? If you'd like to send this to me directly, please feel free to use communityhelp@aerohive.com.



  • 3.  RE: My firewalls rules stop working

    Posted 12-05-2018 23:12

    I made a complete upgrade of the AP; it is now 6.5r10, and the HiveOS is 8.2r2a. I attached the screenshots of the configurations; I hope it is all the necessary info. Thanks.



  • 4.  RE: My firewalls rules stop working

    Posted 12-06-2018 14:43

    Thanks for those screen shots. I'm a little surprised these rules didn't cause issues before. The way that is set up is that we'd block traffic to the two applications you defined, and then your default action is set to deny as well, which should block all other traffic. So not ideal, but obviously not currently functioning as well.

    The help guide explains it in better detail: "If there is a MAC policy set for either direction (from-access or to-access) with a rule that matches the traffic and whose action is "deny" or if there are no matching MAC policy rules and the default MAC policy action is "deny", then the AP drops that traffic. If the traffic passes the MAC policy check, then the AP checks the traffic against the IP policy list following a similar process. If the traffic passes the IP policy check, then the AP forwards it."

    From: http://docs.aerohive.com/330000/docs/help/english/8.2r2/hm/full/Content/config/user/userD.htm

    Would you be able to send me tech data from an AP directly after you've successfully browsed to one of the resources we are trying to block? Please also include the MAC address for the client device you use when you replicate the issue so I can focus on the correct traffic and hopefully see why the firewall rules were not applied.

    To get tech data we want to go to Monitor > Select the check box next to the AP > Utilities > Get Tech Data. If you could email that to me at communityhelp@aerohive.com I can take a look for you and let you know what we find.
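
The evaluation order quoted from the help guide in the thread above, modelled as an added example (not part of the original posts and not Aerohive code). It assumes the first matching rule decides the action; the application labels and all class and function names are constructed for illustration.

```python
# Simplified model of the quoted MAC-then-IP policy check; not HiveOS code.
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional


@dataclass
class Rule:
    matches: Callable[[dict], bool]
    action: str  # "permit" or "deny"


@dataclass
class Policy:
    default_action: str
    rules: List[Rule] = field(default_factory=list)

    def verdict(self, traffic: dict) -> str:
        # Assumption: the first matching rule decides the action.
        for rule in self.rules:
            if rule.matches(traffic):
                return rule.action
        # No rule matched: the policy's default action applies.
        return self.default_action


def evaluate(traffic: dict, mac_policy: Optional[Policy],
             ip_policy: Optional[Policy]) -> str:
    # MAC policy is checked first, then the IP policy; an unset policy passes.
    for policy in (mac_policy, ip_policy):
        if policy is not None and policy.verdict(traffic) == "deny":
            return "drop"
    return "forward"


def app_is(name: str) -> Callable[[dict], bool]:
    return lambda traffic: traffic.get("app") == name


# Constructed sample: two application deny rules, as in the thread.
DENY_RULES = [Rule(app_is("netflix"), "deny"), Rule(app_is("example-app"), "deny")]
DEFAULT_DENY = Policy("deny", DENY_RULES)      # default action also deny
DEFAULT_PERMIT = Policy("permit", DENY_RULES)  # same rules, default permit


def outcomes(ip_policy: Policy) -> Dict[str, str]:
    apps = ["netflix", "example-app", "dns", "web-mail"]  # constructed traffic
    return {app: evaluate({"app": app}, None, ip_policy) for app in apps}


if __name__ == "__main__":
    print("default deny:  ", outcomes(DEFAULT_DENY))
    print("default permit:", outcomes(DEFAULT_PERMIT))
```

With the default action set to deny, the model drops every flow whether or not a rule names it; with the default set to permit, only the two listed applications are dropped.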