Dear all
I have a FG3040B box running with FortiOS 4.0 MR2 Pathc10(AV, DLP and WebFilter
are not licensed).
I want to block all P2P application traffice except Skype, Skype.Communication,
I set the P2P application filters and apply them to the firewall policy correctly.
These days,I noticed strange behavior of FG3040B box.
IMAPS and Skype traffics are blocked by IPS signature as " eDonkey" ,sometimes even
HTTP and HTTPS blocked,too.
Surely,some internal users are banned and blocked with IMAPS, Skype(and HTTP, HTTPS)
and logged as " eDonky" in same time.
I run the debug command to get diagnostic information, but in vain. That made FG304B
box freezed only(FG3040B box is running under the heavy traffic. Many restiriction
rules of IPS, IDS may caused ? )
So I can not still open the case in TAC.
Is this a false possitive signature of " eDonkey" ?
I' m sure that the signature of " eDonkey" is spoiled.
If so, what can I do ? I lost my way.
Best regards
==
kaorin