Cisco Support Community

Trouble with Dynamic Application Classes

I am having some trouble setting up a dynamic application class for this alert.

The process 'System' (as user NT AUTHORITY\SYSTEM) attempted to accept a connection as a server on TCP port 445 from <IP ADDRESS>. The operation was denied. Details Rule 223 Wizard

I have tried creating a dynamic application class with a builder rule set to add anything on TCP port 445 to the application class.

Then I have created another Network Access Control allow rule saying allow the AC when acting as a client or server on port 445 and also the built-in SMB network services.

Any help would be greatly appreciated.

Thanks in advance.

2 REPLIES
Anonymous
N/A

Re: Trouble with Dynamic Application Classes

Creating dynamic application classes from the Application control rule is a bit different than creating them from other rule types. Because this rule has two application class fields, you can choose to add the current application to the dynamic class or choose to add the new application that is invoked by the first application to the dynamic class.

http://www.cisco.com/en/US/products/sw/secursw/ps5057/prod_release_note09186a008019b760.html

Blue

Re: Trouble with Dynamic Application Classes

Hi Jeff, since it sounds like you allow peer sharing in your organization (unless these are servers), wouldn't a static rule accomplish the same thing?

You could allow connections only from your internal addresses and to only those machines allowed to share.

I won't go into why it isn't a good idea since you probably already know that.

HTH

Tom
