This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

several hosts with dnat

Hi,
I've a dmz with dnat configured fine. If i do
a portscan from outside to the host in dmz then ssh and pptp is shown up, of course this is
configured - but on the asl - not to the host in the dmz, is there a way to tell the asl not
to offer/show any ports on IF aliases where its
not belonging to ?
thx M.

This thread was automatically locked due to age.

Parents

0 Maurice over 23 years ago

Matthias,

Just trying to guess here: is your ICMP enabled on the ASL? If yes, try turning it off (both of them) and see if it works. I have both off and my network seems to not exist to pings, port scans etc. from the outside.

Regards,
Maurice

P.S. You can check your firewall condition (open ports etc.) at grc.com using any of your masqueraded clients (they will look like coming out from your ASL box. There are some great security tests there.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Maurice over 23 years ago

Matthias,

Just trying to guess here: is your ICMP enabled on the ASL? If yes, try turning it off (both of them) and see if it works. I have both off and my network seems to not exist to pings, port scans etc. from the outside.

Regards,
Maurice

P.S. You can check your firewall condition (open ports etc.) at grc.com using any of your masqueraded clients (they will look like coming out from your ASL box. There are some great security tests there.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data