Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 2 subscribers
  • Views 1768 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Deny Firewall Rule Issue

radi0act1ve
I am wanting to configure a firewall rule that denies traffic from one internal host to all other internal hosts on the network, except DHCP and DNS traffic to the gateway.  I am running the latest version of Sophos UTM and I have created the rules and added it to the top position on the firewall list.  The Sophos UTM box is the gateway for my network.

Firewall Rule Config 1 (Position 1):
Source: Machine A
Service: DHCP, DNS
Destination: Gateway
Action: Allow

Firewall Rule Config 2 (Position 2):
Source: Machine A
Service: Any
Destination: Internal Network
Action: Drop

The rule is still allowing traffic, I have rebooted the client machine and the Sophos UTM box but it still fails to drop packets.  

Can someone provide insight on what the issue could be?  Is it possible to restrict access this way since there aren't any VLANs, etc.


This thread was automatically locked due to age.
  • 0
    How should that work?

    A Host does only contact his gateway if he wants to reach a net outside his own network.
    So: No, you cannot do it this way. You will have to put the host into a separate network.

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)
Cookie Information Banner