
DMZ Packet Filtering

I have a mail/web server and my wireless network on a DMZ. I have packet rules set up for the server and Xbox on the wireless for access.

Code:

DMZ_Network_ {Server Services}    Any Allow
DMZ_Network_ {Xbox Live Services} Any Allow



Now, I want to add a "catch all" rule to drop any traffic from the DMZ network to the Internal network (even those allowed to go out to the External Interface). Would I put that before or after the two previous rules?

And, would the rule look like: 

 Code:

DMZ_Network_ Any Internal_Network_ Drop



Thanks   


This thread was automatically locked due to age.
  • It depends.

    If you put the block rule first, then you won't get {Server Services} and {Xbox Live Services} through from the DMZ to the Internal network.

    If you put the drop rule after the two service allow rules, then those two service groups will get through from the DMZ to the Internal net.
  • Then I'm putting them before...Server and Xbox only need to reach internet...not my internal network...I don't want anything from DMZ to come in to the Internal Network...

    Thanks Velvet...
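
The ordering effect described in this thread, as an added example that is not part of the original posts or the firewall's own code: a small first-match rule evaluator that audits which DMZ-to-Internal ports each rule order lets through. The network ranges, the port numbers in the two service groups, and the default-drop behaviour when no rule matches are assumptions made for the illustration.

```python
from ipaddress import ip_address, ip_network

# Constructed sample addressing and service groups (not from the thread).
DMZ = ip_network("192.168.2.0/24")
INTERNAL = ip_network("192.168.1.0/24")
ANY = ip_network("0.0.0.0/0")
SERVER_SERVICES = {25, 80, 443}
XBOX_LIVE_SERVICES = {3074}
ANY_SERVICE = None  # None matches every destination port

# Rules as (source, services, destination, action), mirroring the thread.
ALLOW_SERVER = (DMZ, SERVER_SERVICES, ANY, "allow")
ALLOW_XBOX = (DMZ, XBOX_LIVE_SERVICES, ANY, "allow")
DROP_TO_INTERNAL = (DMZ, ANY_SERVICE, INTERNAL, "drop")

DROP_FIRST = [DROP_TO_INTERNAL, ALLOW_SERVER, ALLOW_XBOX]
DROP_LAST = [ALLOW_SERVER, ALLOW_XBOX, DROP_TO_INTERNAL]


def evaluate(rules, src, dst, port, default="drop"):
    """Return the action of the first matching rule (first match wins)."""
    for src_net, services, dst_net, action in rules:
        if (ip_address(src) in src_net and ip_address(dst) in dst_net
                and (services is None or port in services)):
            return action
    return default  # assumed: unmatched traffic is dropped


def audit(rules):
    """List the DMZ -> Internal ports that this rule order still allows."""
    probes = sorted(SERVER_SERVICES | XBOX_LIVE_SERVICES | {22, 445})
    return [p for p in probes
            if evaluate(rules, "192.168.2.10", "192.168.1.20", p) == "allow"]


if __name__ == "__main__":
    print("drop first, DMZ->Internal allowed:", audit(DROP_FIRST))
    print("drop last,  DMZ->Internal allowed:", audit(DROP_LAST))
    print("drop first, DMZ->Internet 443:",
          evaluate(DROP_FIRST, "192.168.2.10", "203.0.113.5", 443))
```

With the drop rule first, nothing from the DMZ reaches the Internal network while the service rules still permit outbound traffic to other destinations.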