Support Center > Search Results > SecureKnowledge Details
Secure Configuration Verification (SCV) not enforced without implied rules Technical Level
Symptoms
  • After disabling Implied Rules, and enabling explicit rules for SCV related traffic, tunnel test packets are being dropped on "NEEDS_SCV".

Cause

The Implied Rules are coded in a way to enable a specific mechanism for the SCV process.
This mechanism won't be prompted if using explicit rules instead, and the tunnel packets will be dropped:
"dropped by fw_scv_verification Reason: returning packets on NEEDS_SCV".


Solution
Note: To view this solution you need to Sign In .