Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 3 subscribers
  • Views 2273 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall rules - best practices?

Roland M.
Hello to everybody!

I'm new to the Astaro/Sophos software, just got the final hardware a few days ago and now I'm testing or rather learning. So to say it clear: I am a bloody beginner... [:)]

First question: 
Given 3 interfaces LAN, WAN1, WAN2 (Backup) and as example the NNTP service (Usenet, Port 119).

What's the better / usual way:

1 rule: Any -> NNTP -> Any
or
2 rules: LAN -> NNTP -> Any and Any -> NNTP -> LAN ?

Wouldn' the Any-Any rule allow traffic between WAN1 and WAN2?


Thanks in advance!


Roland

PS: English isn't my mother language, so sorry for any misspelling or unclear wording!


This thread was automatically locked due to age.
  • 0
    You only hav to create a rule allowing the outgoing traffic. Answering packets to this traffic are automatically allowed.

    There is also a network object called "Internet" (it resolves to all interfaces with default gateway).
    So it should suffice to create an Allow rule for Internal (Network) -> NNTP -> Internet