09-19-2016 09:29 AM - edited 09-19-2016 09:41 AM
Hi,
I think something not right with behavior changes on the release 7.1 with application defaults.
Now my firewall blocking Sophos clients from communicating with my remote Sophos servers
Sophos uses standard ports but look the firewall cannot catch the application ID and catching it as SSL on the port 8192/8194 and that make it not matching with my general rule on application default.
Any idea how we solve this? do I need to create rule for each software my client using? (Really)
09-19-2016 12:02 PM
Generally you would just create a custom application ID. Since you already know the IP addresses and the ports that they are going to that would be the route that I would take if you are blocking traffic on non-standard ports. Shouldn't take more than a few minutes per custom application.
09-19-2016 02:26 PM
Any application using SSL its not going to match the application default if it is not using 443. so far IMAP, secure SMTP, Sophos .. etc are been blocked by the default interzone rule. changing the general rule from application default to any that fix the problem but open all ports.
09-19-2016 02:57 PM - edited 09-19-2016 02:57 PM
Hi,
So anyway when you changing your rule to "any" as a service the Sophos app still identified as SSL not actually sophos-rms?
Can you upload manually app database and reinstall it or revert back to the previous version and see if this will make a difference.
Thx,
Myky
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
