Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MD1
New Contributor

Created on ‎06-22-2022 05:21 AM

about Application and filter overrides

Hi

I blocked Remote Access category in Application Control, then added and allow (RDP) in application and filter overrides, but (RDP) not work ! any suggestions please.

 

thanks

Labels:
1986
0 Kudos
5 REPLIES 5
Anthony_E
Community Manager
Community Manager

Created on ‎06-25-2022 11:12 PM

Hello MD1,

 

Thank you for using the Community Forum.

I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

 

Regards,

Anthony-Fortinet Community Team.
1965
0 Kudos
MD1
New Contributor
In response to Anthony_E

Created on ‎06-26-2022 12:00 AM

I appreciate that.

Thank you.

1958
0 Kudos
sjoshi
Staff
Staff

Created on ‎06-26-2022 01:17 AM

Dear MD1,

 

Thank you for posting to the Fortinet Community Forum.

 

Problem Description:-
You have blocked Remote Access category in Application Control but have allowed RDP application in application filter override but it is not working

 

I have attached a snapshot of app control configuration to meet your requirement. Please check whether you have configure the same way. Please share me the snapshot of your app control configuration.

Capture.PNG

 

Please check the same app control has been implemented in the policy.
Also please share the logs of app control where it is blocking RDP.

 

Let us know if this helps.

 

Thanks

Let us know if this helps.
Salon Raj Joshi
1951
0 Kudos
MD1
New Contributor
In response to sjoshi

Created on ‎08-01-2022 04:01 AM Edited on ‎08-01-2022 04:02 AM

Thank you for you effort. I make all categories allowed but same issue!

And I checked logs and I found the action is : TCP reset from client!

 

1840
0 Kudos
vponmuniraj
Staff
Staff

Created on ‎06-26-2022 07:46 AM

Hi, 

 

Check the order of the rules in the cli and move the entry to whitelist RDP to the top. 

 

For example, the entries should be similar to the below: 

config application list
edit "RDP_allow"
set other-application-log enable
config entries
edit 1
set application 15511
set action pass
set log disable
next
edit 2
set category 2 6 7
next
end
next
end

 

Regards,

Vignesh
1940
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.