07-01-2020 08:03 AM
I have a rule that allows the application radius but it isn't matching my radius traffic. The problem is that my radius traffic isn't on a default port: it uses udp/1814. With service set to "application-default" the traffic is identified as radius but is denied. Sure, I can change the service to "any", but what I would really like to do is define a new application for radius that defaults to port udp/1814. I've defined a new application "radius-1814", set the port, and set the parent application to radius. The firewall never matches application radius-1814, only application radius.
Any hints on how to get my custom radius-1814 application definition to work?
07-01-2020 11:27 AM
The way that you have it configured currently you wouldn't expect it to work; the firewall doesn't have any signatures associated with your new application, and therefore is unable to automatically identify the traffic. You'll need to look at creating an application-signature for the traffic that'll actually match the new application, or configure an application-override entry and override the traffic to your custom application.
07-01-2020 11:46 AM
That makes sense. I'm missing the signature. Because creating signatures for radius is a bit beyond my skillset at this time, I changed my policy to use the radius application; then in services, instead of "application-default" or "any", I used "select" and specified my custom radius port. This is working for me.
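The approach from the last reply (keep the built-in radius application, replace "application-default" with a service object for udp/1814), written as PAN-OS CLI commands. This is an added example, not part of the original posts; the object name, rule name, zones and addresses are constructed placeholders, it assumes a single-vsys firewall, and lines starting with # are annotations rather than commands.

```text
# --- Configuration mode (enter with: configure) ---

# Service object for the non-default RADIUS port.
# "svc-radius-udp-1814" is a placeholder name.
set service svc-radius-udp-1814 protocol udp port 1814

# Security rule: App-ID must still identify the session as radius,
# and the destination port must be udp/1814. Unlike service "any",
# this does not open radius on every port.
# "allow-radius-1814", "trust" and "dmz" are placeholders; in practice,
# replace "any" with address objects for the RADIUS clients and server.
set rulebase security rules allow-radius-1814 from trust to dmz source any destination any application radius service svc-radius-udp-1814 action allow

commit

# --- Operational mode (after: exit) ---

# Check which rule a udp/1814 radius flow would hit (protocol 17 = UDP).
# 192.0.2.10 and 198.51.100.20 are documentation addresses standing in
# for the RADIUS client and server.
test security-policy-match from trust to dmz source 192.0.2.10 destination 198.51.100.20 protocol 17 destination-port 1814 application radius

# Confirm that live sessions on the port are identified as radius.
show session all filter destination-port 1814
```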