Troubleshooting blocks using Reports

The very first step to take will be to determine if the traffic is being blocked by one of the NGFW's layer-7 applications. Follow this process to bypass the device you're testing from: How to bypass traffic from filtering

If your connection still doesn't work correctly, it's not being blocked by an NGFW application. In that case, you may wish to contact Support for further assistance.

If bypassing allows it to connect properly, then read on for troubleshooting steps.

Now, we'll need to determine what NGFW application is affecting your traffic. To do that, you'll want to generate some example traffic to use in looking through Reports:

  • Grab the IP address of the computer you're testing from
  • Note the time
  • Try to connect however you normally would (open the app, click a 'connect' or 'refresh' button, &c.)

Next, go to Reports in the black bar at the top of the screen. In the top left-hand corner, click 'Add' next to Conditions, and select Client. Next, add the device's IP address in the field at the bottom:

This will filter any Report you view down to just traffic originating from that single IP address. Finally, click 'Today' next to Since and select '1 Hour ago':

Now any Report we view will only show us very recent traffic from that device, which will help us narrow down what's acting on that traffic.

Best place to start is Reports > Network > All Sessions, which shows us nearly everything the NGFW knows about a particular session. You may need to expand the Details pane at the right-hand side of the screen; it's sometimes collapsed/hidden by default. We also recommend checking Reports > Web Filter > Blocked Web Events if you're looking for port 80 or 443 traffic, as that data isn't included in the All Sessions report.

Once you've located the app(s) that is blocking that traffic, you'll be able to create rules within that specific app to ignore that traffic (which should allow this connection).

If no applications appear to be blocking this traffic, the next step would be to disable applications individually, testing the connection after each app. Once you've found the app that's filtering that traffic, you can create rules in that app to ignore it.

Was this article helpful?
0 out of 1 found this helpful
Have more questions? Submit a request



Please sign in to leave a comment.

Powered by Zendesk