You get a ‘Violated unidirectional connection’ message in the logs for UDP traffic, even though the rule base contains rules with ‘ANY’ and ‘ALLOW’.
In my case the problem was that I could not PXE boot clients (using Windows Deployment Services or WDS).
The solution to the problem is as follows:
- Add a new service. Select UDP and enter the port number (in my case, port 4011 for ProxyDHCP).
- Click Advanced and, where it says ‘Protocol Type’, select None.
- Now add a rule to the rule base that uses the new service we just created.
- Install the policy.