Steps: 1)edit a 6.0 policy with basic protection strategy 2)Navigate to global network rules 3)Under inbound components, specify a an ip with mixing of wildcards as 10.2*1.*.2*5 under global inbound address lists 4)under network rule specify the remote ip as global inbound hosts component 5)save and apply the policy to the agent
Expected: Policy translation should fail with wildcard mixing in an octet, 10.2*1.*.2*5 gets resolved under minus file, no translation error if the wildcard is mixed with other characters i.e. 10.2*1.*.2*?5
Observed: Policy translates successfully.
There is no error but the rule in the policy will not work correctly.
Do not use mutliple wildcards for IP addresses in SCSP IPS policies even if the UI allows you to do so.
Imported Document ID: TECH215607
Subscribing will provide email updates when this Article is updated. Login is required.