Duplicating "Allow inbound traffic from special IP addresses" allows all traffic that hits the rule

Technical Articles ID: KB92563
Last Modified: 2021-12-17 12:49:02 Etc/GMT

Environment

Endpoint Security (ENS) Firewall 10.x

Problem

After you duplicate the core networking rule "Allow inbound traffic from special IP addresses," the ENS Firewall allows all traffic that hits the rule.

Cause

ENS has hard-coded the rule "Allow inbound traffic from special IP addresses" with special IP addresses 0.0.0.0 and 0000:0000:0000:0000:0000:0000:0000:0000. Duplicating this rule is allowed. But, when you open the rule, you can see that the IP address field under Remote Network is empty, denoting an "invalid address."

Solution

Don’t duplicate the rule "Allow inbound traffic from special IP addresses." If the mentioned special IP addresses need to be allowed, enable the built-in rule because the rule isn’t meant for duplication.

Affected Products

Endpoint Security Firewall 10.7.x
Endpoint Security Firewall 10.6.x

Languages:

This article is available in the following languages:

English United States
Spanish Spain
French
Italian
Japanese
Portuguese Brasileiro
Chinese Simplified

Knowledge Center

Duplicating "Allow inbound traffic from special IP addresses" allows all traffic that hits the rule

Environment

Problem

Cause

Solution

Affected Products

Languages:

Title

Title

Knowledge Center

Duplicating "Allow inbound traffic from special IP addresses" allows all traffic that hits the rule

Environment

Problem

Cause

Solution

Affected Products

Languages:

Choose your region

Title

Title