i still have an issue with the network quarantine, in my case i need to permit access to a private laboratory network in case the definitions is not updated.
The network is 169.254.0.0/16.
I have changed the Internet shield 8 settings of the client editing under rule --> security level --> network quarantine and addind at the top the spcific rule Allow --> all IP trafic <-> 169254.0.0/16
Seems that the client when the definition are not updated still continue to block the network.
Anyone could help me?
THAT is a very weird setup.
If a system gets an address 169.254.x.x it means it has no connectivity to DHCP or no connectivity at all.
But the "Quarantine" ruleset will always allow the system to obain a DHCP-address, regardless of it's protection status. Addresses in that range are not routable, must not be forwarded and are prone to address collision (see: https://tools.ietf.org/html/rfc3927)
So what is your idea of allowing that range? Any such implementation should not be needed.
As the rule you created looks fine,did it really arrive at the host? is it active?
perComp is a Platinum Partner of F-Secure since 1994. Any advice or help given by me in this forum is voluntarily and to my best knowledge based on working with the products since 1997. Direct contact for customers please check our homepage http://www.percomp.de
This topic has been closed due to inactivity. If you would like to discuss this topic further, please start a new post.
You can reference this topic in your post by adding this link:
Visit the Community
Check our Forums or How-to & FAQs for advice or answers
View User Guides
Refer to our getting started guides and product manuals
Talk to our Support agents and get answers to your questions