Extreme Networks

PPat · ‎10-29-2020

I’m trying to block Netflix by extending an existing IP firewall rule.

Some more entries on top of the below, the two lines referring to netflix is what I have added

ip-policy Guest-FW id 28 from 0.0.0.0 0.0.0.0 to 0.0.0.0 0.0.0.0 service "L7-NETFLIX VIDEO STREAM" action deny log packet-drop
ip-policy Guest-FW id 29 from 0.0.0.0 0.0.0.0 to 0.0.0.0 0.0.0.0 service "L7-NETFLIX SITE" action deny log packet-drop
user-profile GUEST_WIFI security ip-policy from-access Guest-FW
user-profile GUEST_WIFI ip-policy-default-action permit

I’m not sure why but this doesn’t seem to be working

Version: HiveOS 8.2r4 build-207023
app signatures ver 5.3.4

SamPirok · ‎10-30-2020

You should only need to add those two rules and set the action to deny, which I can see you’ve done already. I’d recommend opening a second case for the firewall issue so our techs can start collecting logs to dig deeper in to this issue with you.

PPat · ‎10-29-2020

yes, the part of the config I have showed before is taken form an actual AP.

We’d really want to upgrade to the latest but our HM isn’t in the best state at the moment so this is not possible - pending case

SamPirok · ‎10-29-2020

Is the AP configuration fully updated? If it is, I might recommend updating the firmware to the latest version to make sure you have all the available bug fixes in place.

Extreme Networks

AP130 Firewalls - application deny not working

AP130 Firewalls - application deny not working