cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Blocked by firewall

Jump to solution

Hello,

An endpoint with ENS is being blocked by McAfee ePo firewall, with the log being generated as follows:

"Time: 12/26/2019 01:40:17 PM
Event: Traffic
IP Address: 10.10.x.xx
Description: PROPHET BROKER SERVICE
Path: C:\Program Files\ProphetSuite\Prophet Worker\bin64\Broker.exe
Message: Blocked Incoming TCP - Source 10.10.x.xx : (63784) Destination 10.10.x.xx : (9008)
Matched Rule: Block all traffic"

So, what rule should I configure to whitelist this app? 

1 Solution

Accepted Solutions
McAfee Employee AdithyanT
McAfee Employee
Report Inappropriate Content
Message 2 of 2

Re: Blocked by firewall

Jump to solution

Hi @sanba06c,

Thank you for your response.

There are 2 ways to handle this.

  • If the goal is to allow an application, you can add them to trusted application in the options policy of Firewall.
  • If the goal is to allow the specific traffic, we need to find the below:

Is the source IP static? If yes, that would go under the allow rule's local IP.

If the remote IP is static or if the port is static, I would recommend adding them too.

I am sure this rule should help you bypass the Block All rule. The place for this rule should not be a problem since Block all is a hidden rule that is placed at the bottom of all customer rules.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T

View solution in original post

1 Reply
McAfee Employee AdithyanT
McAfee Employee
Report Inappropriate Content
Message 2 of 2

Re: Blocked by firewall

Jump to solution

Hi @sanba06c,

Thank you for your response.

There are 2 ways to handle this.

  • If the goal is to allow an application, you can add them to trusted application in the options policy of Firewall.
  • If the goal is to allow the specific traffic, we need to find the below:

Is the source IP static? If yes, that would go under the allow rule's local IP.

If the remote IP is static or if the port is static, I would recommend adding them too.

I am sure this rule should help you bypass the Block All rule. The place for this rule should not be a problem since Block all is a hidden rule that is placed at the bottom of all customer rules.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T

View solution in original post

Want to Ask a Question?

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community