Help allowing .dll files for VPN users

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Help allowing .dll files for VPN users

L0 Member

Hi,

 

Like everyone, we have a lot of folks working from home. We use a CRM system called Ajeera, and in order to load up the various modules, the client system downloads an app from the server, which includes a .dll file. In the office, it works just fine, over VPN the .dll file is blocked. (It's a "ClickOnce" app, which is a new term to me, but it seems to be relevant)

 

I'm a little new to the firewall rules game, so I was hoping if someone could tell me if I'm on the right track. The model is PA-220, software is 9.0.9-h1. Nothing overly fancy about the setup.

 

I created a new security policy, set the source as the server specifically (192.168.x.x./32), destination is VPN zone.

Added the group profile "internal", which includes the Internal FB security profile, which I see does not block .dll files.

 

I assume I'll need to position this new policy above the policy that is blocking the .dll files. I've saved the config but not committed it. (Would this sort of change cause a reboot upon committing?)

 

I'm obviously not looking for, "Hey, nice job, mate! You did it perfectly!" as there's tons of details missing.  Just wondering if my logic is sound.  Also wondering if committing will cause a reboot, that's not clear to me.

 

Thanks!

Mike

1 REPLY 1

Community Team Member

Hi @10Thirteen ,

 

Yes that sounds about right.

A commit should not trigger a reboot ... that said, I've seen cases where commits disrupted traffic and/or even disconnect VPNs.  So you might want to schedule this during a maintenance window.

 

Cheers,

-Kiwi.

 
LIVEcommunity team member, CISSP
Cheers,
Kiwi
Please help out other users and “Accept as Solution” if a post helps solve your problem !

Read more about how and why to accept solutions.
  • 2444 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!