This is for a new install with updates. The LAN and DMZ are configured. A PC connected to the LAN is never interrupted. An Android connected to the WiFi router connected to DMZ is getting blocked after a random delay. In Zenamor->Live Sessions->Blocks tab, the application protocols such as DHCP, QUIP, NTP are showing rejected. But these are allowed in policies. Often the Android is still on the internet without apparent interruption for about 10 - 30 minutes, generating random rejected reports in the Blocks tab. then it is suddenly totally blocked. If I set Bypass mode it is always suddenly is back online with no interruptions.
Setting Deployment mode to Passive Mode changes nothing. How is this possible in passive mode? Is something else the real problem?
Hi,
Thanks for reporting the issue. Zenarmor uses pcap in passive mode instead of netmap. pcap provides a copy of packets and zenarmor can not affect the traffic. Do you restart the engine aftr you change the deployment mode?
And can you share the block message for the blocked VLAN traffic in Live Session - Blocks?
I solved it by doing "Reset Zenarmor to factory defaults," then stepping through and restoring the Policies settings and repeatedly testing. I block everything except what is needed for network functions and my VPN traffic. This time there was only HTTP and HTTPS that recorded as blocked. The phone OS was calling home so I unblocked HTTPS. None of the previous network blocking reoccurred. It is working OK now.
To answer your question I assume you mean the Live Session, Blocks tab, the "Block message" column. I've attached screenshots of the Blocks and Connections tabs during that time.