[AF] Network Policies action configuration is allowed, but the Logs shows the action is denied
Problem Description
All AF security protection Policies the "Allow" action selected. When querying the logs, it is found that there are logs with the action set to "Reject".
Policies:
Rejection log:
Effective troubleshooting steps
- Check Logs. The rejected Logs are all of the black domain name type (the black domain name type has no destination IP). Access from black IPs is allowed normally.
2. Check the Network Policies and configure malicious domain name redirection
Root cause
Configuring malicious domain name redirection will cause access to black domain names to be completely denied.
solution
Mechanism problem, explain to the customer or cancel the malicious domain name redirection configuration
Original Link
https://support.sangfor.com.cn/cases/list?product_id=13&type=1&category_id=1077&isOpen=true