UTM Firewall

Network Protection: Firewall, NAT, QoS, & IPS 3 Networks and Problems with the ANY-Destination

UTM Firewall requires membership for participation - click to join

Thread Info

State Not Answered
Locked Locked
Replies 1 reply
Subscribers 2 subscribers
Views 296 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

3 Networks and Problems with the ANY-Destination

skarden over 20 years ago

Hello,

we have 3 networks: intern, dmz and gast.
In the gast-net we will allow our gast to use the internet. Si i have create some rules like:
source: gast-net
service: http
destination: any
Now all gasts can use the http-service in the internet...but i think they can also use the http-port to the intern-net, because ANY is any. That means all Rules i create with the destination ANY, make a hole in my security-policies.

How can i solve this, without closing the gast-net?

Thanks for help.

Skarden

This thread was automatically locked due to age.

0 omega over 20 years ago

create a rule gast-intern deny that hits bbefore the allow.
Cancel
Vote Up 0 Vote Down

Cancel