Hi,
my question is simple. I found out that the global L3 firewall is statefull, but is the L3 firewall under the group-policy stateful? Because from my test it doesn't seem to be so.
thank you
Solved! Go to solution.
No. GP L3 firewall rules are not stateful.
No. GP L3 firewall rules are not stateful.
well, this complicates everything for me 🙂
but thank you for clarification
Are you kidding me?
I hope this is not the case because that would be plain silly.
Applying a group policy that has L3 rules only enforces rules at the MX or MR depending what is closest to you, and those devices do it stateful, so why do you think it would be stateless, that makes absolutely no sense and that would break alot of designs.
I think it's stateless because I've tested it out in my lab and proven that it is stateless.
Then please share how you set up your test and what TCP/UDP port you explicitly allowed outbound in a group policy that didn't allow return traffic.
Well, same result in my lab as well
@jdsilva wrote:I think it's stateless because I've tested it out in my lab and proven that it is stateless.
@GIdenJoe Sorry, busy afternoon over here. I'll try and get the details up in the next day or two.