Hi all
I have a problem with the global rules. I have always had it, but I only recently started trying to fix it, so here I am.
The issue is that the global rules do not get applied the way I think they should. In particular, I have global rules allowing processes to use the home network, but every time a process tries to contact a network device I get a popup.
Here is an example:
- I have Edge configured with an application rule called “Browser Web”
- “Browser web” ruleset has the following items:
  - Allow IP OUT to 127.0.0.1/255.0.0.0
  - Allow TCP OUT to HTTP ports (80, 8080, 443)
  - Allow TCP OUT to FTP port (21)
  - Allow TCP OUT to FTP-PASV ports (all but 0-1023)
  - Allow UDP OUT to DNS port (53)
- “Global rules” show that:
  - IP OUT from any MAC to any in home net is allowed
  - IP IN from any in home net to any MAC is allowed
  - ICMPv4 are blocked for ICMP messages PROTOCOL UNREACHABLE for the OUT direction, while for ICMP messages 17, 15, 13, ECHO REQUEST for the IN direction
What I expect is that a UDP IN from a source in the home net from application msedge.exe is allowed, but instead it triggers a confirmation window.
The corresponding alert says:
Firewall alert
msedge.exe is trying to receive a connection from the internet
msedge.exe is a safe application signed by Microsoft Corporation. However you are about to receive a connection from another computer. If you are not sure what to do, you should block this request.
Why does this happen? How can I avoid this? I can add a rule inside each ruleset, but this, IMHO, defeats the “Global rules” purpose.