
Explanation or guide on reflexive rule

Hello Guys!

I can not find any guide explaining exactly how the "reflexive rule" in the "Business Application Rule" works.

If there is already a "lan to wan" or "dmz to wan" rule that authorizes all outgoing traffic to the Internet, what is the purpose of allowing a "WAN to LAN" DNAT rule to be duplicated also from "LAN to WAN"?

  • Hi Massimiliano,

    The Reflexive rule in a Business Application Rule usually pertains to DNAT rules. Most DNAT rules are from the outside in to an internal server for example (source: WAN, destination: the protected server in your LAN).

    Being a stateful firewall, it will automatically allow return traffic. The reflexive rule allows traffic to start and be initiated from the destination zone to the source zone (e.g. the protected server out to the Internet). All the same policies from the Business Application rule will apply.

    Cheers,
    Karlos

  • Hi,

    Could you please clarify how the reflexive option utilizes other Business Application Rule options like Services, Allowed client networks, Rewrite source address, Heartbeat?

    Best regards,

    Mitko

  • A Business Application Rule is most likely something WAN to LAN.

    So you have to build up something which has to go through something like DNAT etc.

    Services will define the services, like the protocols.

    Allowed Client Networks will define which clients on the "Source" can use this rule.

    Rewrite Source Address will change the rule to a Full NAT.

    Heartbeat is the Synchronized Security story.
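As an added illustration (not code from this thread or from Sophos), a small Python model of what Karlos describes and of the Services and Allowed Client Networks fields from the last reply: replies to an established inbound flow pass on the state table alone, but a connection the protected server itself starts toward the WAN only passes once the mirrored (reflexive) rule exists. The rule fields, zone names, addresses and the choice to treat the client networks as the permitted destinations of the mirrored rule are this model's own assumptions.

```python
import ipaddress
from dataclasses import dataclass
# Constructed model of the thread's description (not Sophos code).
# A packet is a post-NAT 5-tuple: (src_zone, src_ip, dst_zone, dst_ip, service).
@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    server: str            # the protected (DNAT target) host
    client_nets: tuple     # "Allowed client networks"
    services: frozenset    # "Services", e.g. {"tcp/443"}
    inbound: bool = True   # True: clients -> server (DNAT); False: server -> clients

def reflexive(rule: Rule) -> Rule:
    """Mirror a DNAT rule: zones swapped, server becomes source, same services.
    Model assumption: the allowed client networks become the destinations."""
    return Rule(rule.dst_zone, rule.src_zone, rule.server,
                rule.client_nets, rule.services, not rule.inbound)

def in_nets(ip: str, nets: tuple) -> bool:
    return any(ipaddress.ip_address(ip) in ipaddress.ip_network(n) for n in nets)

def matches(rule: Rule, pkt: tuple) -> bool:
    sz, sip, dz, dip, svc = pkt
    if (sz, dz) != (rule.src_zone, rule.dst_zone) or svc not in rule.services:
        return False
    client_ip, server_ip = (sip, dip) if rule.inbound else (dip, sip)
    return server_ip == rule.server and in_nets(client_ip, rule.client_nets)

class Firewall:
    def __init__(self, rules):
        self.rules, self.state = list(rules), set()   # state: admitted flows
    def admit(self, pkt: tuple) -> bool:
        """Allow a reply to an established flow, or a new flow some rule permits."""
        sz, sip, dz, dip, svc = pkt
        if (dz, dip, sz, sip, svc) in self.state:   # stateful return traffic
            return True
        if any(matches(r, pkt) for r in self.rules):
            self.state.add(pkt)
            return True
        return False
DNAT = Rule("WAN", "LAN", "10.0.0.10", ("0.0.0.0/0",), frozenset({"tcp/443"}))

def demo() -> dict:
    plain, mirrored = Firewall([DNAT]), Firewall([DNAT, reflexive(DNAT)])
    inbound = ("WAN", "198.51.100.7", "LAN", "10.0.0.10", "tcp/443")
    reply = ("LAN", "10.0.0.10", "WAN", "198.51.100.7", "tcp/443")
    outbound = ("LAN", "10.0.0.10", "WAN", "203.0.113.9", "tcp/443")  # server-initiated
    return {"inbound": plain.admit(inbound), "reply": plain.admit(reply),
            "outbound_no_reflexive": plain.admit(outbound),
            "outbound_reflexive": mirrored.admit(outbound)}
```

Running `demo()` shows the reply admitted purely by state while the server-initiated flow is dropped until the reflexive rule is present; a packet for a service or host outside the rule is rejected in both directions.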