Internal(Network) -> Any -> External (WAN) (Address) as the first (top) rule.
The purpose of the rule is to let internal user, connect to external (internet domain name) hosted inside the network.
Let's say: www.hello.com, is at 192.168.1.10 (with DNAT).
Currently if internal user go to www.hello.com, the packet filter block SYN from Internal IP, to the WAN interface IP.
This rule the packet pass. But does it open a big hole?
Thanks
This thread was automatically locked due to age.
