Skip to main content
MD1
MD1
New Member
June 22, 2022
Question

about Application and filter overrides

  • June 22, 2022
  • 3 replies
  • 3417 views

Hi

I blocked Remote Access category in Application Control, then added and allow (RDP) in application and filter overrides, but (RDP) not work ! any suggestions please.

 

thanks

3 replies

Anthony_E
Staff
Anthony_E
Staff
June 26, 2022

Hello MD1,

 

Thank you for using the Community Forum.

I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

 

Regards,

Best Regards
MD1
MD1Author
New Member
June 26, 2022

I appreciate that.

Thank you.

sjoshi
Staff
sjoshi
Staff
June 26, 2022

Dear MD1,

 

Thank you for posting to the Fortinet Community Forum.

 

Problem Description:-
You have blocked Remote Access category in Application Control but have allowed RDP application in application filter override but it is not working

 

I have attached a snapshot of app control configuration to meet your requirement. Please check whether you have configure the same way. Please share me the snapshot of your app control configuration.

Capture.PNG

 

Please check the same app control has been implemented in the policy.
Also please share the logs of app control where it is blocking RDP.

 

Let us know if this helps.

 

Thanks

Thanks, Salon
MD1
MD1Author
New Member
August 1, 2022

Thank you for you effort. I make all categories allowed but same issue!

And I checked logs and I found the action is : TCP reset from client!

 

vponmuniraj
Staff
vponmuniraj
Staff
June 26, 2022

Hi, 

 

Check the order of the rules in the cli and move the entry to whitelist RDP to the top. 

 

For example, the entries should be similar to the below: 

config application list
edit "RDP_allow"
set other-application-log enable
config entries
edit 1
set application 15511
set action pass
set log disable
next
edit 2
set category 2 6 7
next
end
next
end

 

Regards,

    Terms & ConditionsAccessibility statement