Traffic not hitting access policy rule (FMC)

ITTEAM6196842
Level 1

Hello, 

I have a rule set up on my FMC from my Exchange servers to my SMTP gateway with smtp/smtps/ping as destination ports, logging enabled and allow action.

On the connection > events logs, I see all traffic coming from the Exchange servers to my SMTP gateway on port 25 as BLOCKED by the default deny rule. I don't get why it is not hitting my allow rule.

Any suggestions? 

Thanks!

Accepted Solutions

ITTEAM6196842
Level 1

Okay, I've created a copy of the rule with "any" in the applications column and kept the destination ports as they were in the original rule. Now the traffic is hitting this new rule. I think the problem was that the traffic I was seeing on the logs didn't have any application match ("blank"), and so it was denied by the implicit deny rule?!


3 Replies

@ITTEAM6196842 please provide a screenshot of the rule you've configured.

ITTEAM6196842
Level 1

[Screenshot: ITTEAM6196842_0-1677237768244.png]

Here is the rule.

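A simplified model of the behaviour described in the accepted solution, added here as an example (it is not from the thread and is not Cisco's implementation): every condition on a rule must match, so a connection whose application field is blank misses a rule that lists applications and falls through to the default action. Rule names, addresses, port numbers and application labels are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

ANY = None  # a condition left as "any" in the rule

@dataclass
class Rule:
    name: str
    src: Optional[set]
    dst: Optional[set]
    ports: Optional[set]
    apps: Optional[set]
    action: str = "ALLOW"

def failed_conditions(rule, conn):
    """Names of the rule conditions this connection does not satisfy."""
    checks = {
        "source": (rule.src, conn["src"]),
        "destination": (rule.dst, conn["dst"]),
        "port": (rule.ports, conn["port"]),
        "application": (rule.apps, conn["app"]),
    }
    return [name for name, (allowed, value) in checks.items()
            if allowed is not ANY and value not in allowed]

def evaluate(rules, conn, default="BLOCK (default action)"):
    """First-match evaluation: (matched rule or None, action, near misses)."""
    near_misses = {}
    for rule in rules:
        failed = failed_conditions(rule, conn)
        if not failed:
            return rule.name, rule.action, near_misses
        near_misses[rule.name] = failed  # record why this rule was skipped
    return None, default, near_misses

# Constructed sample data (hypothetical hosts and rule names).
EXCHANGE, GATEWAY = "10.0.0.10", "10.0.0.25"
ORIGINAL = Rule("exchange-to-smtp-gw", {EXCHANGE}, {GATEWAY}, {25, 465}, {"SMTP", "SMTPS"})
COPY = Rule("exchange-to-smtp-gw-any-app", {EXCHANGE}, {GATEWAY}, {25, 465}, ANY)
# Connection event as seen in the log: port 25, application column blank.
CONN = {"src": EXCHANGE, "dst": GATEWAY, "port": 25, "app": ""}

if __name__ == "__main__":
    print(evaluate([ORIGINAL], CONN))        # falls through; application is the miss
    print(evaluate([ORIGINAL, COPY], CONN))  # the "any" application copy matches
```

The near-miss output names the condition that kept each rule from matching, which is the first thing to check when logged traffic lands on the default action despite a rule that appears to cover it.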
