Block bad IPs via DNAT or firewall rule?

Hello,

What would be the best way to block bad IP hosts trying to access my networks?
Via DNAT (blackhole) or firewall rule?
What are the advantages or disadvantages?

Regards
UTMaddict



  • Hello UTMaddict,

    Thank you for contacting the Sophos Community!

    That would depend. In order for a connection to be able to access your Firewall, you need to have a rule in place. If you have a WAF rule or DNAT that allows a certain service, the best option is to add the IPs you trust to this DNAT. So usually you will want to have a Blackhole DNAT for any IP that might be trying to access any of your open ports.

    Regards,


     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support