< Home

Transfer of Legitimate Files Is Affected by File Blocking

Legitimate files cannot be uploaded or downloaded after file blocking is configured.

Symptom

File blocking is configured on the FW to block the transfer of specific files between security zones. However, intranet users cannot upload or download files that should be transferred.

Possible Causes

Cause one: The traffic does not match the correct security policy.

Cause two: The traffic is blocked by another security function.

Cause three: The file blocking profile is incorrectly configured.

Procedure

  1. Cause one: The traffic does not match the correct security policy.
    1. Choose Monitor > Log > Policy Matching Log.
    2. Click Advanced Search on the upper right of the UI and select a value for Source User and Application.

      • Source User: Select an intranet user that uploads or downloads files, for example, user_0001.
      • Application: Select a protocol or application program that an intranet user uses to upload or download files.

    3. Click Search.
    4. In the security policy matching logs that are displayed, you can check whether the upload or download traffic matches the correct security policy.

      • If no, choose Policy > Security Policy > Security Policy to fine-tune security policy sequence or parameters.
      • If yes, go to 2.

  2. Cause two: The traffic is blocked by another security function.
    1. Click the security policy that is matched in 1. The Modify Security Policy dialog box is displayed. You can view the referenced profile in the dialog box.
    2. Query logs based on the referenced profile.

      • To view antivirus or intrusion prevention logs, choose Monitor > Log > Threat Log
      • To view URL logs, choose Monitor > Log > URL Log.
      • To view file blocking, data filtering, or application behavior control logs, choose Monitor > Log > Content Log.

    3. On the log interfaces, click Advanced Search on the upper right and then select a value for Security Policy.
    4. Click Search to view the logs that are displayed, find the log in which the Action is Block, and check the profile of this log.

      • If the traffic is blocked by a file blocking profile, go to 3.

      • If the traffic is blocked by a profile of another type, view the profile and determine whether the traffic needs to be blocked.

        • If yes, the fault diagnosis process ends.
        • If no, tune the parameters of the profile.

  3. Cause three: The file blocking profile is incorrectly configured.
    1. Click the file blocking profile that is matched in 2. The Modify File Blocking Profile dialog box is displayed. You can view the referenced file blocking rules in the dialog box.
    2. Tune the parameters of the file blocking rules to ensure that these rules do not match legitimate files.
Parent Topic: Troubleshooting File Blocking
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic