
Block a specific network for a NAT rule

Hi,

We have created a NAT rule for a specific internal server. I want to block some internal ranges to this NAT rule (with the firewall, not the server). I can't seem to get this working. Any ideas how to block an internal network to a server behind the NAT rule?

So my internal address 172.16.10.0/24 can't access the external IP x.x.x.x, which leads to internal server 172.16.11.1. Other IPs (internet) or internal subnets should be allowed.



This thread was automatically locked due to age.

  • Good work.  I don't see how that would allow internal traffic to reach server "0" though.  I see you have logging selected.  Are you seeing traffic from 172.16.10.0/24 going to server "0" as a result of this NAT in the firewall log?

    Also, see #2 in Rulz (last updated 2021-02-16).

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA