This discussion has been locked.

Separate subnets / DMZ Separation

Can anyone tell me how to truly separate subnets on a firewall that has 4 NICs? Example: I have 1 external NIC, 1 internal, and 2 DMZs. If I set my packet filter rule on "any traffic originating on the respective DMZ, allow outbound" then each of the DMZs can route to each other as well as the internal network.

Currently, I am using version 8. In the past with version 6 and version 7 I would set up a rule at the top of the Packet Filter rule set that simply stated all traffic from DMZ/s destination (to each other or) internal network drop. For some reason, this does not seem to be working in version 8.

Any help is greatly appreciated 
[:D]


  • It looks like you could get rid of the related drop rule #3 simply by replacing 'Any' with 'Internet' in rule #8.  I suspect that your other subnets have the same issue.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
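
The difference between an 'Any' and an 'Internet' destination in the allow rule, as an added example that is not part of the original thread and is not Sophos code. It is a small first-match rule evaluator; the subnets, the zone names, the default drop and the modelling of 'Internet' as "any destination that is not on a local subnet" are assumptions made for the illustration.

```python
import ipaddress

# Constructed example addressing; none of these values come from the thread.
ZONES = {
    "internal": ipaddress.ip_network("192.168.1.0/24"),
    "dmz1": ipaddress.ip_network("172.16.1.0/24"),
    "dmz2": ipaddress.ip_network("172.16.2.0/24"),
}

def zone_of(ip):
    """Return the local zone owning ip, or 'external' if no local subnet matches."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "external"

def matches(selector, ip):
    """'any' matches every address; 'internet' (assumed model) matches only
    addresses reached through the external interface; else a zone name."""
    if selector == "any":
        return True
    if selector == "internet":
        return zone_of(ip) == "external"
    return zone_of(ip) == selector

def evaluate(rules, src, dst):
    """First matching rule wins; unmatched traffic is dropped (assumed default)."""
    for rule_src, rule_dst, action in rules:
        if matches(rule_src, src) and matches(rule_dst, dst):
            return action
    return "drop"

# The rule described in the question: DMZ -> Any, allow.
ANY_RULES = [("dmz1", "any", "allow"), ("dmz2", "any", "allow")]
# The change suggested in the reply: DMZ -> Internet, allow.
INTERNET_RULES = [("dmz1", "internet", "allow"), ("dmz2", "internet", "allow")]

def audit(rules):
    """Return the cross-zone (src_zone, dst_zone) pairs that a rule set permits."""
    probes = {"internal": "192.168.1.10", "dmz1": "172.16.1.10",
              "dmz2": "172.16.2.10", "external": "203.0.113.5"}
    return sorted((s, d) for s, sip in probes.items() for d, dip in probes.items()
                  if s != d and evaluate(rules, sip, dip) == "allow")

if __name__ == "__main__":
    print("DMZ -> Any     :", audit(ANY_RULES))
    print("DMZ -> Internet:", audit(INTERNET_RULES))
```

Running the same audit against an exported rule set is a quick way to confirm that no zone pair other than DMZ to external is permitted before relying on explicit drop rules.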