Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
06-19-2018 03:40 AM - edited 06-21-2018 02:05 AM
i,
We are having a weird behaviour with rtcp-base and rtcp apps.
06-20-2018 12:49 PM
Set the application like you have it.
Change the service field to "application-default". Or, if you are running rtp/rtcp on non-standard ports, then list those ports here.
06-19-2018 08:09 AM
What does eithe security policy actually look like, could you post how you have those configured as well?
06-19-2018 08:37 AM - edited 06-21-2018 02:04 AM
Hi,
06-19-2018 08:45 AM
I'ts because you have an application specified when specifying the service as 'any'. The first few packets in a flow are unable to be identified as rtcp or rtp-base traffic and will therefore match your Temp rule until the traffic is identified. When the application changes and goes back through the security policy it will match your 'Telefonica Hacia Sede' policy as it now has the proper app-id identified.
06-20-2018 12:10 AM - edited 06-20-2018 12:37 AM
Yes, but we dont see "incomplete" and some sessions are matching with the same values. So if we dont have a below rule with any, this traffic would be denied??? What it would be the best practices to match only in the correct rule?
06-20-2018 12:49 PM
Set the application like you have it.
Change the service field to "application-default". Or, if you are running rtp/rtcp on non-standard ports, then list those ports here.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
