Hi everybody
This might be somewhat obvious to some, but I actually don't seem to find the reason. Searching the KB and community didn't come up with really helpful stuff.
So I am so keen to ask ...
Here's a description of the configuration:
I got two locations - External and Internal (Basel).
External has got a full policy set attached to, while Internal does not have a FW-policy. You can see this in the screenshot below:
The locations get determined by IP-address and DNS-lookups. Whereas a client with 10.1.X.X and successful lookup is located in the "Internal" network.
Well - I got internal clients blocking incoming traffic on ports 137, 139 and 445 - Which does not make any sense to me. Because:
- The affected client(s) are located in the "Internal" network
- There is no FW-policy attached to the "Internal" network
- I am not aware that the IP-policy would block this kind of traffic
Below there's a screenshot of one blocking-event.
Now - *What* is actually causing this and *how* to get this fixed?
I am thankful for hints :)
Feel free to ask further questions.