Working with Custom Protocols and/or Non-Compliant Protocol Implementations

1. Create a New Protocol called TCP-80 (outbound). Do not associate any Application Filter with it.

2. Create a new Rule for this Application and give it an exact Source and Destination.  It will probably need to be anonymous (“All Users”).  Use the new Protocol in the Rule.

3. When the Rule is complete, copy it and place the copy directly below the one you just copied. These two Rules must be kept “paired” together. On the copy, change the Action to Deny and change the Protocol to the original HTTP Protocol with the Application Filter intact.

4. The two Rules are then identical except that the Action is Allow on the first one and Deny on the second one, and the Protocol is the custom “TCP-80” on the first Rule and the original HTTP Protocol on the second.

5. This Pair of Rules must be higher in the Rule list than any other outbound HTTP Rule.

6. If you do not make the Source and Destination exact and specific, you will fail. If the two Rules are not identical except for the Action and Protocol, you will fail. If other HTTP-based Rules are above them in the Rule list, you will fail. If the two Rules in the “pair” are in the wrong order, you will fail: it must be Allow with the Custom Protocol first, then Deny with the Original Protocol second.

7. The method is exactly the same for any custom protocol that matches an original protocol minus the Application Filter from the original.
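The conditions in steps 3 to 6 can be checked mechanically against an exported rule list. The following is an added example, not part of the original post or any product's API: the `Rule` fields, the `WILDCARDS` set, and the sample rules and addresses are all constructed for illustration.

```python
from dataclasses import dataclass

# Constructed model of an ordered firewall rule list; the field names and
# wildcard values are assumptions for illustration, not a product API.
@dataclass(frozen=True)
class Rule:
    name: str
    action: str        # "Allow" or "Deny"
    protocol: str      # "TCP-80" (custom, no Application Filter) or "HTTP"
    source: str
    destination: str
    users: str = "All Users"

WILDCARDS = {"Any", "Anywhere", "Internal", "External"}  # assumed non-exact values

def check_pair(rules, custom="TCP-80", original="HTTP"):
    """Return a list of problems with the Allow/Deny pair; empty means OK."""
    problems = []
    idx = next((i for i, r in enumerate(rules) if r.protocol == custom), None)
    if idx is None:
        return [f"no rule uses the custom protocol {custom}"]
    allow = rules[idx]
    if allow.action != "Allow":
        problems.append(f"'{allow.name}': custom-protocol rule must be Allow")
    if allow.source in WILDCARDS or allow.destination in WILDCARDS:
        problems.append(f"'{allow.name}': source/destination must be exact")
    # Step 5: no rule using the original protocol may sit above the pair.
    for r in rules[:idx]:
        if r.protocol == original:
            problems.append(f"'{r.name}': {original} rule is above the pair")
    # Steps 3-4: the Deny copy sits directly below and differs only in
    # Action and Protocol.
    if idx + 1 >= len(rules):
        return problems + ["no Deny rule directly below the Allow rule"]
    deny = rules[idx + 1]
    if (deny.action, deny.protocol) != ("Deny", original):
        problems.append(f"'{deny.name}': rule below must be Deny on {original}")
    if (deny.source, deny.destination, deny.users) != (allow.source, allow.destination, allow.users):
        problems.append(f"'{deny.name}': does not match '{allow.name}'")
    return problems

# Constructed sample rule lists (documentation-range addresses).
GOOD = [
    Rule("App allow", "Allow", "TCP-80", "10.0.5.20", "203.0.113.10"),
    Rule("App deny", "Deny", "HTTP", "10.0.5.20", "203.0.113.10"),
    Rule("Web access", "Allow", "HTTP", "Internal", "External"),
]
BAD = [GOOD[2], GOOD[1], GOOD[0]]  # general HTTP rule on top, pair reversed
```

`check_pair(GOOD)` returns an empty list; `check_pair(BAD)` reports both HTTP rules sitting above the custom-protocol rule and the missing Deny rule below it.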
