Best practice for network definitions

Hello everybody
I think I am experiencing a problem with my firewall rules and I guess it's due to misconfiguration on my side ;)

I use the following on the rule with problems:

Any > [A Service group] > [An availability group]

I guess that this does not work to allow access for the service to be accessed on all systems in the availability group.
If I interpret the mouse-over on the AG right, this type of grouping only holds the IP address of the upmost available host in the group?!

To get my config right I would be happy if someone could post a best practice list of which type of definition to use for what use-case :)

Thanks in advance :)

best regards
chas0rde


This thread was automatically locked due to age.
  • Yes, you're right. An availability group resolves to the first reachable host in the group, not to all.

    What you need is a normal Network or DNS group.

    Also check the integrated help ("?" on the top right of the WebAdmin), there are very good explanations of the features...

    ----------
    Sophos user, admin and reseller.
    Private Setup:

    • XG: HPE DL20 Gen9 (Core i3-7300, 8GB RAM, 120GB SSD) | XG 18.0 (Home License) with: Web Protection, Site-to-Site-VPN (IPSec, RED-Tunnel), Remote Access (SSL, HTML5)
    • UTM: 2 vCPUs, 2GB RAM, 50GB vHDD, 2 vNICs on vServer (KVM) | UTM 9.7 (Home License) with: Email Protection, Webserver Protection, RED-Tunnel (server)