Custom App without Signature not Matching Security Rule
A custom app was created and used in a security rule, but the traffic never hits the rule.
If the custom app is port-based, an Application Override rule has to be created so that the traffic is identified at the port level. If it is signature-based, including the custom app in the security rule is sufficient, because the app engine identifies the traffic from the signature.
To create a port-based app and use it in an Application Override rule:
- Open the Objects > Applications page and click Add
- Create the Custom App
- Open the Advanced tab and select the ports
- Go to Policies > Application Override
- Configure the rule to allow the traffic
- After the changes are committed, traffic matching the configured ports will match the Application Override rule.
- Use show session id <id> to verify which application the connection matched
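
The verification step above can be scripted once the session detail text has been saved. The following is an added example, not part of the original article or vendor code: the sample output is constructed and abbreviated, and the app name my-custom-app, the rule name allow-custom-app and the "application : value" / "rule : value" field layout are assumptions.

```python
import re

# Constructed, abbreviated sample of `show session id <id>` output (not captured
# from a real firewall). Assumed layout: indented "field : value" lines.
SAMPLE_OVERRIDE_HIT = """\
Session           12345

        c2s flow:
                source:      10.1.1.20 [trust]
                dst:         10.2.2.30
                proto:       6
                sport:       51514           dport:      8080
        application                          : my-custom-app
        rule                                 : allow-custom-app
"""

# Same session as it might look when the override rule did not match.
SAMPLE_OVERRIDE_MISS = (SAMPLE_OVERRIDE_HIT
                        .replace(": my-custom-app", ": unknown-tcp")
                        .replace(": allow-custom-app", ": interzone-default"))

# Only the two fields needed for the check; [ \t] keeps a match on one line.
FIELD_RE = re.compile(r"^[ \t]*(application|rule)[ \t]*:[ \t]*(.+?)[ \t]*$",
                      re.MULTILINE)


def session_fields(output):
    """Return the application and rule recorded for the session."""
    return dict(FIELD_RE.findall(output))


def check_override(output, expected_app):
    """Return (ok, message): did the session get identified as expected_app?"""
    fields = session_fields(output)
    app = fields.get("application")
    if app is None:
        return False, "no application field found in the session output"
    if app == expected_app:
        rule = fields.get("rule", "unknown")
        return True, f"identified as {app}, security rule {rule}"
    return False, (f"identified as {app}, not {expected_app}: compare the "
                   "session's zones, addresses, protocol and port with the "
                   "Application Override rule")


if __name__ == "__main__":
    for text in (SAMPLE_OVERRIDE_HIT, SAMPLE_OVERRIDE_MISS):
        print(check_override(text, "my-custom-app"))
```

A result other than the custom app name (for example unknown-tcp) means the session was not classified by the Application Override rule, so a security rule that references the custom app will not match it.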