Firewall policy flow for web filtering

Forum|Forum|10 years ago
February 4, 2016
1 reply
3007 views

Hi,

Let's say we have 2 firewall policies, 1st policy said that user AAA can access to Streaming websites only, other categories website all blocked. 2nd policy said that user AAA can access to free software download websites only, other categories website all blocked. So the question here is user AAA can access to free software download websites or not? because the firewall policy check is from top to bottom, if the 1st policy hit and deny the traffic for free software download, then will it go to 2nd policy?

5.2

emnoc

New Member

No it's top down, 1st match. fwiw; the diag debug flow cmd will show you want policyid is being match and the action. It's isn't like a try all policies until you get thru ;)

Becmade

New Member

indeed as a policy lookup going trough when he match the 1st policy that deny software downloads he won't go further as emnoc say :p

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded