On my SG310 (running UTM 9.703-3) I have an interface named 'Internal' (subnet is 192.168.1.1/24).
I have another interface named 'DMZ' and I want to set this up as a proper DMZ with maximum security. The subnet for this interface is 10.1.1.1/24.
I set up a VM in the DMZ. From my Internal network I am able to open my web browser and browse to the website running in the VM in the DMZ. I am also able to remote into that VM using Microsoft RDP (port 3389).
How is this possible? I thought traffic between subnets was blocked by default. I do have some firewall rules for these 2 subnets but I do not have any rule that explicitly allows (for example) traffic over port 3389 from 192.168.1.1/24 to 10.1.1.1/24. Trying to find out why traffic is getting through.