
Blocking Communication on the Same Network Unless Specified

Hi, I just have a quick question surrounding communication within the same network.

I know that between different networks I have to define rules to allow communication, e.g. if I want to RDP between VLAN 101 (10.10.1.1) and 102 (10.10.2.1), which are separate networks, I will have to define the rule

10.10.1.1 (network) -> RDP -> 10.10.1.2 (network)

But what if I wanted to apply the same policy when communicating within the same network? E.g. currently, when using RDP from a PC on 10.10.1.1 to connect to another PC on 10.10.1.1, there is no need to define any rules for this communication; it seems that same-LAN communication is allowed by default.

How will I achieve the effect of 'block unless specified' for communications within the same network?



  • Hi Ciaran,

    Traffic within the same network does not pass the firewall; the source device uses its ARP mechanism to find the destination MAC and sends the packet to its destination.

    Only if the destination is outside the source network does it pass an L3 device.

    You can use bridge ports on your UTM, on which you can build L2 firewalling - but of course you have limited ports to do so.

    You'll end up with two or three "zones",

    for example:

    Bridge interface "LAN"

    eth1, eth2, eth3

    Each member interface is connected to a separate switch.

    On the switch at eth1 you'll connect all clients,

    on eth2 you'll connect all servers,

    on eth3 the third "security zone".

    Then you can build firewall rules based on MAC addresses / between the member zones.

    That's all you can do with your UTM; otherwise you need to use the destination device's local firewall (Windows Firewall / iptables).

     

    Yours Lukas

    lna@cema

    SCA (utm+xg), SCSE, SCT

    Sophos Platinum Partner
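    To make the forwarding argument in Lukas's answer concrete, here is a small Python model (added here as an illustration; it is not code from this thread or from Sophos) of where a "block unless specified" policy can actually be enforced for a given flow. A host delivers directly to any destination inside its own subnet, so a routed firewall never sees that traffic; only when the UTM bridges several ports, with each port feeding its own switch, do same-subnet frames crossing between member ports become filterable at L2. All hosts, addresses, port names and flows below are constructed for the example.

```python
"""
Model of the three enforcement points discussed in the thread:
  - utm-l3-firewall:        destination is in another subnet, packet is
                            sent to the gateway and the UTM routes it
  - utm-bridge-l2-firewall: same subnet, but source and destination hang
                            off different member ports of a UTM bridge
  - host-firewall-only:     same subnet and same switch/port; the host
                            ARPs for the MAC and the UTM never sees it
Example code for this page; addresses and port names are constructed.
"""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Host:
    name: str
    ip: str        # host address, e.g. "10.10.1.20"
    subnet: str    # the host's configured subnet, e.g. "10.10.1.0/24"
    port: str      # UTM interface / bridge member port its switch is on (constructed)


def is_routed(src: Host, dst: Host) -> bool:
    """True when dst lies outside src's subnet: the source host hands the
    packet to its default gateway, so an L3 firewall can inspect it."""
    net = ipaddress.ip_network(src.subnet, strict=False)
    return ipaddress.ip_address(dst.ip) not in net


def enforcement_point(src: Host, dst: Host, bridged: bool) -> str:
    """Classify where a 'block unless specified' rule could be applied.
    `bridged` says whether the UTM bridges the member ports (Lukas's layout)
    rather than terminating the subnet on a single routed interface."""
    if is_routed(src, dst):
        return "utm-l3-firewall"
    if bridged and src.port != dst.port:
        return "utm-bridge-l2-firewall"
    return "host-firewall-only"


def classify_flows(flows, bridged: bool) -> dict:
    """Map 'src->dst' to its enforcement point for every (src, dst) pair."""
    return {f"{s.name}->{d.name}": enforcement_point(s, d, bridged) for s, d in flows}


def uncovered_by_utm(flows, bridged: bool) -> list:
    """Flows the UTM cannot police at all; these need endpoint firewall rules."""
    return [k for k, v in classify_flows(flows, bridged).items() if v == "host-firewall-only"]


# Constructed topology: clients on eth1, servers on eth2 (same /24, as in the
# bridge layout), and a separate routed VLAN behind eth4.
PC1 = Host("pc1", "10.10.1.20", "10.10.1.0/24", "eth1")
PC2 = Host("pc2", "10.10.1.21", "10.10.1.0/24", "eth1")
SRV1 = Host("srv1", "10.10.1.50", "10.10.1.0/24", "eth2")
PC3 = Host("pc3", "10.10.2.20", "10.10.2.0/24", "eth4")

SAMPLE_FLOWS = [(PC1, PC2), (PC1, SRV1), (PC1, PC3)]

if __name__ == "__main__":
    for mode in (False, True):
        print(f"bridged={mode}: {classify_flows(SAMPLE_FLOWS, mode)}")
        print("  needs host firewall:", uncovered_by_utm(SAMPLE_FLOWS, mode))
```

Run with and without `bridged` to see the practical limit Lukas describes: bridging moves client-to-server traffic under UTM control, but two PCs on the same switch port remain invisible to it, so for those only the endpoint's own firewall (Windows Firewall / iptables) can provide a default-deny policy.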

  • Hi Ciaran and welcome to the UTM Community!

    Also, tell us what problem you're seeing that you want to address.

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA