I am not trying to block anything. I am trying to allow a pass and log from the internal interface to the external interface. Nothing shows up in the event log that indicates that it passes or logs - or blocks. If I change the rule to Block and Log, it does block and log.
Yes. If I choose to block and log, it does block and indicates that in the event logs. However, I don't want to block, I want to pass the connection. That is what isn't happening - passing and logging. I would be glad to send a screenshot to show that the block rule does block and log, but I'm not sure how that would resolve the problem I am having.
1.) How you're misinterpreting what you're seeing
2.) To wait for a moment while he attempts to duplicate it.
Pictures are worth 1000 words after all, pass the detail and DMorris will set you straight. If it's a bug, he'll tell you. If you're doing something wrong, he'll tell you.
Stop Guessing, start Troubleshooting, pass the picture.
Thank you for your reply. I have attached a screenshot of the event log entry when it is blocked with a block and log rule. I also have attached a screenshot of the rule. As I have said, if I make it pass and log, it doesn't pass and it doesn't log.
I have masked the ip of the internal server, but rest assured that I am using the correct ip in the rule. Thanks.
Well "xxx.xx.xx.xx" != "220.127.116.11"
"xxx.xx.xx.xx" won't match anything.
So that rule is not going to match anything.
I thought you said this was near the top?
According to the event log its matching rule #48, which has 47 rules above it.
This is why we ask for screenshots.
Last edited by dmorris; 04-06-2012 at 02:25 PM.
The rule actually uses 18.104.22.168. I only masked it for security purposes.
I had the rule at the very top, but a post to the forums earlier suggested that I move it farther down to just before the Block all rule, which is last. I didn't think that would make a difference, but I tried it anyway and got the same result. It has been moved back to the top and I get identical results.
There is no way we're gonna be able to debug this with faked and random screenshots.
I'd just call support. They'll be glad to help you.
Last edited by dmorris; 04-06-2012 at 08:25 PM.