When using the advanced rule wizard, it is possible to configure a rule that is for some reason forbidden. This could be a result of a logical flaw, or an unknown interface.
If such a rule is present, the “checking firewall services” step will fail in an apply, but the apply will succeed. The GUI elects to disable the individual rule, but enable the firewall service and all other configured rules or policies.
Rules that have been disabled due to logical flaws or ambiguities are highlighted in red and displayed in the rules list.
<Figure 59: failed rule image>