
Rules / NAT, client block

Good Morning,

I am currently trying to block various clients from accessing the Internet.

Unfortunately, I can't get these clients blocked. I have created a firewall rule.

In the SG I understood that so far, in the XG I am totally confused. Then the question arises for me, why can I link the rule with a NAT rule?

Can someone explain the connections to me to some extent?

Thanks and regards

  • Hi,

    You do not need a NAT rule for a drop.

    Do you have any other rules with any as the local network?
    When you review the log viewer with a refined search using one IP address, which rule does it show the address is using?

    Your drop rule will also need to be at the top of your rule list.

    ian

  • Hi,

    yes, the rule is the first rule in the list so that the first traffic will select this rule and block the client.

    Ok, I'll take a look at it with the LogViewer.

    When do I use a link to Linked NAT?

    The rule will only block the client if there is no other source LAN, network ANY type of rule. Linked NAT: when you have multiple gateways, you want to use a hairpin rule; otherwise a general (default) NAT (MASQ) rule will be okay.

    Debugging linked NAT is pain from my point of view.

    Ian
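
The ordering point made above (a drop rule only takes effect if no broader LAN-to-ANY accept rule sits above it) and the "no NAT rule needed for a drop" point can be seen in a small first-match simulation. This is an added example, not code from the thread or from Sophos; the `Rule` fields, the `shadowing_rules` helper and the sample addresses are my own assumptions and do not reflect the XG configuration schema.

```python
# Minimal first-match firewall evaluator (added illustration, not Sophos code).
# It models a rule table walked top to bottom: the first rule whose zones and
# source networks match decides the verdict, and NAT is only considered for
# traffic that was accepted, so a drop rule never needs a NAT rule.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple

ANY = "any"  # wildcard source network / zone (assumed notation)


@dataclass
class Rule:
    name: str
    action: str          # "accept" or "drop"
    src_zone: str        # e.g. "LAN" or ANY
    src_nets: List[str]  # CIDR strings, or [ANY]
    dst_zone: str        # e.g. "WAN" or ANY


def _net_matches(nets: List[str], ip: str) -> bool:
    if ANY in nets:
        return True
    addr = ip_address(ip)
    return any(addr in ip_network(n, strict=False) for n in nets)


def rule_matches(rule: Rule, src_zone: str, src_ip: str, dst_zone: str) -> bool:
    return (rule.src_zone in (ANY, src_zone)
            and rule.dst_zone in (ANY, dst_zone)
            and _net_matches(rule.src_nets, src_ip))


def evaluate(rules: List[Rule], src_zone: str, src_ip: str, dst_zone: str) -> Tuple[str, str]:
    """Walk the table top to bottom; implicit default is drop."""
    for rule in rules:
        if rule_matches(rule, src_zone, src_ip, dst_zone):
            return rule.name, rule.action
    return "default", "drop"


def nat_for(action: str, dst_zone: str) -> Optional[str]:
    """A generic default-MASQ stage: only accepted traffic leaving to WAN is
    source-NATed; dropped traffic never reaches NAT at all."""
    if action == "accept" and dst_zone == "WAN":
        return "MASQ"
    return None


def _sources_overlap(a: List[str], b: List[str]) -> bool:
    if ANY in a or ANY in b:
        return True
    return any(ip_network(x, strict=False).overlaps(ip_network(y, strict=False))
               for x in a for y in b)


def shadowing_rules(rules: List[Rule], target: str) -> List[str]:
    """Names of rules above `target` that would catch the same traffic first.
    A LAN -> WAN accept with source ANY is the usual culprit."""
    idx = next(i for i, r in enumerate(rules) if r.name == target)
    t = rules[idx]
    return [r.name for r in rules[:idx]
            if r.src_zone in (ANY, t.src_zone)
            and r.dst_zone in (ANY, t.dst_zone)
            and _sources_overlap(r.src_nets, t.src_nets)]


# Constructed sample data (TEST-NET-1 addresses, not a real network).
BLOCKED_HOST = "192.0.2.50"
OTHER_HOST = "192.0.2.10"
DROP_RULE = Rule("Block guest PCs", "drop", "LAN", ["192.0.2.50/32", "192.0.2.51/32"], "WAN")
ALLOW_ALL = Rule("LAN to WAN", "accept", "LAN", [ANY], "WAN")

BAD_ORDER = [ALLOW_ALL, DROP_RULE]   # broad accept above the drop: drop is shadowed
GOOD_ORDER = [DROP_RULE, ALLOW_ALL]  # drop at the top, as recommended in the thread

if __name__ == "__main__":
    for table in (BAD_ORDER, GOOD_ORDER):
        name, action = evaluate(table, "LAN", BLOCKED_HOST, "WAN")
        print([r.name for r in table], "->", name, action,
              "NAT:", nat_for(action, "WAN"),
              "shadowed by:", shadowing_rules(table, DROP_RULE.name))
```

Running it shows the blocked host hitting "LAN to WAN" (accept, MASQ) in the first table and "Block guest PCs" (drop, no NAT) in the second; `shadowing_rules` is the programmatic form of the question "do you have any other rules with any as the local network?".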

  • Linked NAT Rule is simply a relic from an older version, which was rather popular in other products. Besides that, I would not go down this road to create linked NAT rules. You can do this, but you can simply stay with the default NAT for MASQ and DNAT for internal. This should cover 90% of the use cases of NAT. The rest can be done separately. There are no real use cases for Linked NAT.

    They came from the migration of V17.5 to V18, as we decoupled Firewall from NAT.
