my question is simple. I found out that the global L3 firewall is statefull, but is the L3 firewall under the group-policy stateful? Because from my test it doesn't seem to be so.
Solved! Go to Solution.
Are you kidding me?
I hope this is not the case because that would be plain silly.
Applying a group policy that has L3 rules only enforces rules at the MX or MR depending what is closest to you, and those devices do it stateful, so why do you think it would be stateless, that makes absolutely no sense and that would break alot of designs.
Then please share how you set up your test and what TCP/UDP port you explicitly allowed outbound in a group policy that didn't allow return traffic.
Well, same result in my lab as well
I think it's stateless because I've tested it out in my lab and proven that it is stateless.