03-09-2019 12:44 AM
Hi All,
I configured the implicit deny (Universal Policy) policy at the bottom of security policies but after that, I could see that some of the Intrazone access got denied by the implicitly deny policy.
How we can achieve the Implicit deny policy without affecting the intrazone connections ??
Thanks in Advance...
03-09-2019 08:18 PM
By implicit Deny are you simply saying that you made essentially an 'any any' deny policy to capture any traffic that doesn't have a security policy?
Assuming that you are and that you are relying on your default intrazone policy to allow all of the traffic, the above policy isn't what you would want to do. You need to build out security entries for the intrazone traffic or make broad intrzone traffic allow policies above your implicit deny policy. I would personally recommend that you take the time to build out proper individual security entires to allow the traffic.
03-22-2019 01:32 PM
Universal includes both interzone and intrazone. If you have a universal deny policy, the behaviour you are seeing is operating as expected. Change the rule to interzone instead of universal and it should operate as you are expecting.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
