Custom application definition for radius on a different default port

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Custom application definition for radius on a different default port

L0 Member

I have a rule that allows the application radius but is isn't matching my radius traffic.  The problem is that my radius traffic isn't on a default port udp/1814.  With service set to "application-default" the traffic is identified as radius but is denied.  Sure I can change the service to "any", but what I would really like to do is define a new application for radius that defaults to port udp/1814.  I've defined a new application "radius-1814"; set the port; set the parent application to radius.  The firewall never matches application radius-1814, only application radius.  

  

Any hints on how to get my custom radius-1814 application definition to work?

2 accepted solutions

Accepted Solutions

Cyber Elite
Cyber Elite

@Will_Baldwin,

The way that you have it configured currently you wouldn't expect it to work; the firewall doesn't have any signatures associated with your new application, and therefore is unable to automatically identify the traffic. You'll need to look at creating an application-signature for the traffic that'll actually match the new application, or configure an application-override entry and override the traffic to your custom application.

View solution in original post

That makes sense. I'm missing the signature.  Because creating signatures for radius is a bit beyond my skillset at this time, I changed my policy to use the radius application then in services, instead of "application-default" or "any", I used "select" and specified my custom radius port.  This is working for me.

View solution in original post

2 REPLIES 2

Cyber Elite
Cyber Elite

@Will_Baldwin,

The way that you have it configured currently you wouldn't expect it to work; the firewall doesn't have any signatures associated with your new application, and therefore is unable to automatically identify the traffic. You'll need to look at creating an application-signature for the traffic that'll actually match the new application, or configure an application-override entry and override the traffic to your custom application.

That makes sense. I'm missing the signature.  Because creating signatures for radius is a bit beyond my skillset at this time, I changed my policy to use the radius application then in services, instead of "application-default" or "any", I used "select" and specified my custom radius port.  This is working for me.

  • 2 accepted solutions
  • 2678 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!