Title: What should I do if Application blocking failed on Reyee Gateway? [Print this page] Author: zhangqiao@ruiji Time: 2024-5-11 11:38 Title: What should I do if Application blocking failed on Reyee Gateway? 1.The APP selected when configuring the blocking policy is inconsistent with the APP that needs to be blocked
If certain APPs are selected when configuring the policy, hover over the More
button to view the settings blocking APPs
If the APP Group is selected when configuring the policy, you need to click Edit to see if the APP Group contains the APP that requires blocking.
If it is not included, you can check whether the APP is included by other groups through searching
If not, it means that the current APP identification feature library does not contain the APP's identification rules. Please try to manually add the IP Address and port used by the APP that needs to be blocked (obtained by capturing packets or querying on the network or other means). 2.Associated user group is not configured correctly
Check whether the IP Address range configured in the user group contains the IP Address used by the user who needs to configure APP blocking
If you need to configure that the blocking IP Address is not within the IP Address range of the user group, you need to change the user group configuration, click Edit to modify the IP Address range of the user group
3 The current time is not within the effective time range of the policy
Verify that the configured policy effective time is correct
If the configured time does not meet the requirements, you can click Edit to modify the time range in which the policy takes effect:
If you want to configure the effective time of multiple policies to that time, you can also add an automatic time range in Time Management to avoid having to manually select a time range when configuring each policy:
When configuring the policy, select the time range 3. Feature library issues cause inaccurate application or web page recognition
3.1 Check whether the automatic update of the feature library is turned on. If it is not turned on, the feature library will not be automatically updated. Please click Open to update the feature library
If it has been turned on, the feature library is the latest version of the feature library, but the specified APP still cannot be blocked. Please proceed to the next step 3.2 Source IP
based packet capture
Pack capture steps:
Close the software background at the end point, that is, close the application completely
Enable packet capture based on end point source IP on EG
Interface: Select LAN IP Address: Fill in the IP Address of the end point device File Size Limit: Choose 8M or larger to ensure that more packets can be caught Packet Count Limit: No Limit
Click Start
3) Run the APP that needs to be blocked on the end point device and perform some actions on the APP, such as sending messages, browsing pictures or videos, etc.
4) After the package capture is completed, download the PCAP file
5) Contact Ruijie Tach support for help. And explain the fault phenomenon and provide the packet capture file, application name, end point IP address information, current feature library version, troubleshooting steps and other information.
Welcome to Ruijie Community (https://community.ruijienetworks.com/)