Global rules not applied

Hi all

I have a problem with the global rules. I have always had it, but I only recently started trying to fix it, so here I am.

The issue is that the global rules do not get applied the way I think they should. In particular, I have global rules allowing processes to use the home network, but every time a process tries to contact a network device I get a pop-up.

Here is an example:

  • I have Edge configured with an application rule called “Browser Web”
  • The “Browser web” ruleset has the following items:
      ◦ Allow IP OUT to 127.0.0.1/255.0.0.0
      ◦ Allow TCP OUT to HTTP ports (80, 8080, 443)
      ◦ Allow TCP OUT to FTP port (21)
      ◦ Allow TCP OUT to FTP-PASV ports (all but 0-1023)
      ◦ Allow UDP OUT to DNS port (53)
  • The “Global rules” show that:
      ◦ IP OUT from any MAC to any in home net is allowed
      ◦ IP IN from any in home net to any MAC is allowed
      ◦ ICMPv4 is blocked for ICMP message PROTOCOL UNREACHABLE in the OUT direction, and for ICMP messages 17, 15, 13 and ECHO REQUEST in the IN direction

What I expect is that a UDP IN from a source in the home net from application msedge.exe is allowed, but instead it triggers a confirmation window.

The corresponding alert says:

Firewall alert
msedge.exe is trying to receive a connection from the internet
msedge.exe is a safe application signed by Microsoft Corporation. However, you are about to receive a connection from another computer. If you are not sure what to do, you should block this request.

Why does this happen? How can I avoid this? I can add a rule inside each ruleset, but this, IMHO, defeats the purpose of the “Global rules”.

For inbound connections the Global Rules are consulted first and then the Application Rules. Both the Global Rules and the Application Rules have to satisfy an allow condition to allow the connection.
Your Global Rules allow IP IN, but your Application Rules do not permit IP IN or UDP IN, hence the Firewall alert.
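As an added illustration of the evaluation order described in the reply above (this is not code from the thread or from the firewall vendor), here is a small Python model of a two-stage inbound check: Global Rules first, then Application Rules, with both stages required to allow. The rule sets are transcribed from the post. Everything else is an assumption of the model: the home net is taken to be 192.168.1.0/24, an inbound packet with no matching Global Rule is treated as blocked, a packet with no matching Application Rule produces the alert ("ask"), and the ICMP rules are left out because the model only covers TCP and UDP.

```python
"""Simplified model of Global Rules -> Application Rules evaluation for
inbound traffic.  Added example, not the firewall's own logic."""
from collections.abc import Container
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ANY = "any"
HOME_NET = "192.168.1.0/24"   # assumed value for the poster's "home net" zone


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "block"
    direction: str               # "in" or "out"
    proto: str                   # "ip" (matches any protocol), "tcp" or "udp"
    remote: str = ANY            # remote address range (CIDR or addr/mask) or ANY
    ports: Container[int] = ()   # matching ports; an empty tuple matches any port

    def matches(self, pkt: "Packet") -> bool:
        if self.direction != pkt.direction:
            return False
        if self.proto != "ip" and self.proto != pkt.proto:
            return False
        if self.remote != ANY and ip_address(pkt.remote) not in ip_network(self.remote, strict=False):
            return False
        return not self.ports or pkt.port in self.ports


@dataclass(frozen=True)
class Packet:
    direction: str   # "in" or "out"
    proto: str       # "tcp" or "udp"
    remote: str      # remote IPv4 address
    port: int        # port the rule's port list refers to


# Transcribed from the post: application ruleset "Browser Web" (every rule is OUT).
BROWSER_WEB = [
    Rule("allow", "out", "ip", "127.0.0.1/255.0.0.0"),
    Rule("allow", "out", "tcp", ports=(80, 8080, 443)),
    Rule("allow", "out", "tcp", ports=(21,)),
    Rule("allow", "out", "tcp", ports=range(1024, 65536)),   # FTP-PASV: all but 0-1023
    Rule("allow", "out", "udp", ports=(53,)),
]

# Transcribed from the post: the two IP rules of the Global Rules (ICMP rules omitted).
GLOBAL_RULES = [
    Rule("allow", "out", "ip", HOME_NET),
    Rule("allow", "in", "ip", HOME_NET),
]


def first_match(rules, pkt):
    """Action of the first rule that matches, or None if no rule matches."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return None


def evaluate_inbound(pkt, global_rules, app_rules):
    """Verdict for an inbound packet: 'allow', 'block' or 'ask' (alert pops up).

    Global Rules are checked first, then Application Rules, and both must
    allow (as in the reply).  Treating "no matching Global Rule" as a block
    and "no matching Application Rule" as an alert is an assumption here.
    """
    if pkt.direction != "in":
        raise ValueError("this model covers inbound traffic only")
    if first_match(global_rules, pkt) != "allow":
        return "block"
    verdict = first_match(app_rules, pkt)
    return "ask" if verdict is None else verdict


# Constructed sample: a UDP datagram from a home-net host arriving for msedge.exe.
INBOUND_UDP = Packet("in", "udp", "192.168.1.20", 54321)

# The workaround the poster mentions: an IN rule inside the application ruleset.
BROWSER_WEB_WITH_IN = BROWSER_WEB + [Rule("allow", "in", "udp", HOME_NET)]


def demo():
    """Verdict with the posted ruleset, then with the extra UDP IN rule."""
    before = evaluate_inbound(INBOUND_UDP, GLOBAL_RULES, BROWSER_WEB)
    after = evaluate_inbound(INBOUND_UDP, GLOBAL_RULES, BROWSER_WEB_WITH_IN)
    return before, after


if __name__ == "__main__":
    print(demo())
```

With the posted rules the home-net datagram passes the Global Rules but finds only OUT rules in "Browser Web", so the model returns "ask", which is the alert in the post; adding a UDP IN rule to the application ruleset turns that into "allow", while a datagram from outside the home net is stopped at the Global Rules stage without reaching the application rules at all.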