ChrisM117

OK, I have found the issue in our configuration. Two new known network zones have been added, Privat eand Public. Private is marked as public. You have to go back through the Network profiles and include the se zones in any allow or block rules as required. Otherwise you end up with the scenario we had. We had a profile which blocked all traffic apart from vpn access on non trusted networks (we had added a set of trusted networks). The new firewall zones allowed all traffic to pass apart from our vpn, so basically reversed the protection we had configured. I think that any change to the firewall like this should come with a detailed warning that it will break your configuration.

Building a test system this morniing to diagnose the issue further. Looks like the new firewall module added private and public zones to the network list which is likely the cause as they are not in the existing policy. Will report back later this morning.

10.2046 has broken our firewall configuration, we had it configured to only allow traffic on certain connected networks, the users can now access anything and everything without restrictions. We have had to reinstall 10.2045 and block client updates as this is a major security issue for us. what has changed in the firewall setup which is breaking how network profiles and trusted networks are handled??