Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
946
Views
0
Helpful
2
Replies

Is it possible to have networks and application filtering in the same access policy rule?

John.Barbour
Level 1
Level 1

‎02-04-2020 02:04 PM - edited ‎02-21-2020 09:53 AM

I am trying to get one of my servers access to microsoft updates via the application filtering. However, I think that it is not working because of no DNS capabilities. We want to point their DNS to Cisco Umbrella which I have created as objects. Can I add those networks in the same access policy, or do I have to create another policy to allow access?

Labels:
0 Helpful
2 Replies 2

Muhammad Awais Khan
Cisco Employee
Cisco Employee

‎02-04-2020 02:30 PM

Hi,

 

You need to create separate rules for your object ( networks ) with permit access and seperate for permitting microsoft updates.

 

For example, if you have single rule with networks added in destination and with microsoft updates selected then this rule will allow only microsoft updates traffic desitned to the networks define ( network you defined is for umbrella IPs)

0 Helpful

Rob Ingram
VIP
VIP

‎02-04-2020 02:34 PM

Hi,

I’d normally create a separate rule, permitting traffic only to the umbrella servers on the required ports, I would also place that rule near the top of the rule set.

 

HTH

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card