one quick question.
I want to deny traffic for a specific Role in Policy Manager.
So the aim is that traffic from that Role is denied if the Destination is for example
the subnet 192.168.1.0/24 with Port 22 (SSH).
I have tried to forbid this traffic with IP TCP Port Destination but it doesn't work for a subnet and also if i will insert a single host.
Only IP Socket Destination denied that traffic for a single host but it was not possible to insert a complete subnet in this application mask.
So where is my fault?
Is it possible to deny such traffic for a complete destination subnet.
I don't understand also the difference between IP Socket Destination and IP TCP Port Destination.