NeuVector, Traffic between the external and the pod is not authorised

Hello,

I don’t understand why, in NeuVector, when I switch a pod to protect mode and in the rule network, the traffic with the external and the pod is allowed. However, the connection is still not established.

Help me, please.

Hi Aline_WANG

Yeah, that does sound frustrating for you. Let’s hope we in the community can help you along. Methinks we’ll need to know more about your situation to get started.

What version of NeuVector, and what version of Rancher/K8s?

Are you able to share what the allow rule looks like? Also, are you getting any errors in the Security Events? When you had this group in Monitor mode, did you log any events there?

The version of my NeuVector is 5.3.3 and the version of my Rancher/K8s is v1.29.4+k3s1.
The allow rule (in Policy/Network rules) is as follows:

Errors in the Security Events (when it’s in protect mode):

Errors in the Security Events (when it’s in monitor mode):

Okay, good; those should essentially match. Thank you for sharing. The quickest fix here would be to hit that "Review Rule" and add the rule. Then, you can go back to network rules and see what the gap may have been.

I’d already updated the rule, but it doesn’t change anything; it’s still blocked on the same rule even though I can see that it exists.