Firepower NGFW - Create a dependency in the Access Control rule

david.campeau
Level 1

We currently run the FMC 4500 and FTD 9300s, and I am currently working on a new Access Control Rule; however, I don't know that it is possible to create a dependency. Let me explain.


We have a particular service that listens on 80 and 443. I only want to allow 443 access if there is already an established 80 connection. Is it possible to create a dependency to either allow or deny based on whether an existing connection on port 80 is already there?


*Edit* Instead of an access control rule, would it be Snort?


Thanks,


David

Accepted Solution

Marvin Rhoads
Hall of Fame

I don't believe that's possible in the Firepower access control policy as the ACP entries are all processed top down with first match ending the rule processing (unless the action is "Monitor" but even that still doesn't have any parent-child type rule relationship).

That applies for both prefilter (traditional L4 5-tuple, no Snort) as well as ACP (L7) policies.

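The following is an added illustration, not code from the original thread or from Cisco: a small Python model of the top-down, first-match evaluation described in the answer. Rule fields, action names and the sample policy are simplified assumptions for the demo. The point it makes concrete is that the evaluator receives only the flow being evaluated (source, destination, port), so a rule's outcome can never depend on whether some other connection (such as an established port 80 session) exists; "Monitor" is the one action that does not end processing, and it still gives no parent-child relationship between rules.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed model of Firepower ACP rule processing (added example, not Cisco code).
# Actions: "Allow", "Block", "Trust" end evaluation on first match; "Monitor" logs the
# match and continues to the next rule. Field matching is reduced to exact values.


@dataclass
class Flow:
    src: str
    dst: str
    dport: int
    proto: str = "tcp"


@dataclass
class Rule:
    name: str
    action: str                    # "Allow", "Block", "Trust" or "Monitor"
    dport: Optional[int] = None    # None means "any"
    src: Optional[str] = None      # None means "any"

    def matches(self, flow: Flow) -> bool:
        # Only the current flow's own attributes are available to a rule.
        return (self.dport is None or self.dport == flow.dport) and \
               (self.src is None or self.src == flow.src)


TERMINAL_ACTIONS = {"Allow", "Block", "Trust"}


def evaluate(rules: List[Rule], flow: Flow, default: str = "Block") -> Tuple[str, List[str]]:
    """Walk the policy top-down; return (final_action, names of rules that matched).

    Note the signature: there is no connection table argument. Nothing here can ask
    "is there an established port 80 session from this host?", which is why the
    dependency in the question cannot be expressed in this rule model.
    """
    matched: List[str] = []
    for rule in rules:
        if not rule.matches(flow):
            continue
        matched.append(rule.name)
        if rule.action in TERMINAL_ACTIONS:
            return rule.action, matched
        # Monitor: recorded above, evaluation keeps going
    return default, matched


# Constructed sample policy (assumed addresses, not from the thread).
POLICY = [
    Rule("log-https", "Monitor", dport=443),
    Rule("allow-http", "Allow", dport=80, src="10.0.0.5"),
    Rule("allow-https", "Allow", dport=443, src="10.0.0.5"),
    Rule("deny-all", "Block"),
]


def decide(flow: Flow) -> Tuple[str, List[str]]:
    return evaluate(POLICY, flow)


if __name__ == "__main__":
    for f in (Flow("10.0.0.5", "203.0.113.10", 80),
              Flow("10.0.0.5", "203.0.113.10", 443),
              Flow("10.0.0.9", "203.0.113.10", 443)):
        print(f, "->", decide(f))
```

Running it shows the 443 flow from 10.0.0.5 being allowed by "allow-https" whether or not an 80 connection was ever seen, with "log-https" recorded first because Monitor does not stop processing; the host with no matching allow rule falls through to "deny-all".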
