10-06-2014 08:21 AM
I've created a rule to allow only Dropbox downloads and not allow uploads. The rule doesn't appear to be working. Steps I've taken are below:
The rule still isn't working. When I upload something to dropbox, the logs still show it as 'allow' under Action.
(Dropbox Web interface, not desktop client is what I'm using)
Has anyone experienced this please?
10-06-2014 01:53 PM
No...I don't see any session identified as 'dropbox'. this came up for that session:
ms-ds-smb
| 63521 | ms-ds-smb | ACTIVE FLOW | 192.168.XX.XX[64077]/Monitor/6 (192.168.XX.XX[64077]) |
10-06-2014 01:56 PM
Hi Martin,
ms-ds-smb is microsoft traffic which is not at all drop-box.
It appears firewall is not finding dropbox application because of decryption or any other issue. Thats why its not taking intended action.
Can you please monitor session closely and provide me session detail.
Regards,
Hardik Shah
10-06-2014 03:23 PM
Can you please verify if the self signed certificate that was generated for SSL decryption is marked as CA and that forward trust and forward untrust options on the certificate are checked?
Speculating that dropbox traffic is not being decrypted. Following documents might be helpful for you:
SSL Forward Proxy (Man in the Middle)
How to Implement SSL Decryption
Thanks
10-07-2014 12:46 AM
Yes...All those options were set as required in the certificate
10-07-2014 12:49 AM
Hi,
In the rule I created, I set the URL category as 'online-personal-storage'. Do you think I need to use a custom category and specify the URL 'www.dropbox.com'?
10-07-2014 06:35 AM
Hi Martin,
Try with any URL and see if that works, while testing policy should be simplest.
If its not feasible than you can just check the traffic log, if traffic is hitting the same rule than you dont need it.
Regards,
Hardik Shah
10-08-2014 03:43 PM
Hi Martin,
Are you trying to block .jpg, .gif, .txt files. If yes, then they are not supported. Kindly refer following document.
When configuring file blocking, what does the "Any" option actually mean?
Regards,
Hardik Shah
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
