ENS FW is blocking an application. Based on the event attached, I created a rule that allows all inbound TCP traffic and then added "IP1" as the local network. This is not working. Is this how I was supposed to configure it?
Solved! Go to Solution.
Hi @rbenson09
The adaptive rules would be found on the local console - same location as has already been mentioned by my colleagues. A group called "adaptive" can be seen. Or if you want to check via ePO you can navigate to the reporting section and look at "Firewall Client Rules".
See here for more details: https://docs.mcafee.com/bundle/endpoint-security-10.5.0-firewall-product-guide-epolicy-orchestrator-...
Hi @rbenson09,
Thank you for your post. I am afraid the rule may be flawed at the local Networks part. Can you try leaving the "Specify networks" part empty and check if that works (not a solution, just an attempt to isolate the problem here) ?
This will tell us if the network information is what requires a change here.
Hi @rbenson09,
Also, If you do not mind me asking, may I know if you have tried Adaptive mode and checked the automatic rules generated to see which rule or set of adaptive rules would help you keep this traffic allowed? Comes real handy at situations like this 🙂
i put it in adaptive mode. where would i check to find automatically generated rules?
Hi @rbenson09
The adaptive rules would be found on the local console - same location as has already been mentioned by my colleagues. A group called "adaptive" can be seen. Or if you want to check via ePO you can navigate to the reporting section and look at "Firewall Client Rules".
See here for more details: https://docs.mcafee.com/bundle/endpoint-security-10.5.0-firewall-product-guide-epolicy-orchestrator-...
Have you checked in the client console if the firewall rule has been received from ePO server?
where do you check that?
Hi @rbenson09,
Thank you for your response. To verify the rules in the client UI:
I have attached a Screen grab for your kind reference. I sincerely hope this helps!
Hello @rbenson09
Solely based on your screenshots, the rule seems to be configured properly.
However, are you absolutely sure that the application doesn't work because of this block?
You may find detailed troubleshooting procedure under this link:
*** How to troubleshoot an application or network traffic when using Endpoint Security Firewall
https://kc.mcafee.com/corporate/index?page=content&id=KB90662
Please let us know results.
Hi @rbenson09,
Thank you for keeping us posted. Did you get any chance to isolate which part of the rule was causing the issue?
Also, What is the functional impact here? Do we have a Service Request on this one for me to look at? We can assist you over a remote session in few minutes to identify the issue precisely and possibly resolve as well.
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA