Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 5783 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

LAN to LAN how specific does firewall need to be ?

B.R.O.

I can't remember if I need to specify every different network in my extended lan for it to pass traffic...

For example

I have networks VLAN1 and VLAN2 connected to interface 1 LAN Zone

VLAN19 and VLAN21 connected to interface 4 LAN Zone.

VLAN99 is vpn

 

Do I need to enter two rules for traffic to flow

Source Zone LAN/VPN , source networks VLAN1, VLAN2 VLAN99 - Destination Zone LAN, destination networks VLAN19, VLAN21

Source Zone LAN/VPN ,source networks VLAN19, VLAN21- Destination Zone LAN, destination networks VLAN1, VLAN2 VLAN99 

 

or Can I enter one firewall rule to cover all like this

Source Zone    Source Networks
LAN/VPN,           Any Hosts

 

Destination Zone      Destination Network
LAN/VPN,                    any hosts



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to lferrara

    Ok I used my Active Directory Sites and Services subnets and matched up the local vlans to which port they are in.

    Did a Lan > Lan rule, then a LAN < Lan rule

    I did do the second one on the VPN > LAN and LAN > VPN since the VPN Polices have to be configured correctly.

Children
No Data