We have a client's firewall we are helping manage, and there is a layer 7 ingress firewall rule that blocks all but 4 countries: Any-Any Deny "explicit list of denied countries". But the event log still shows "TLSv1.2 connection established" under the AnyConnect VPN logs from pariah countries. No authentications, thankfully, but this seems like a failure of the firewall to just drop these connections. What is going on? Is there a misconfiguration somewhere?