This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Prevent WAN access on additional IP address.

To map a public address to an internal address in the UTM-9, my understanding is that under "Interfaces" > "Additional Addresses" > I add a new address and assign it to the Outside interface.

Then create a NAT that for instance maps ANY service coming from ANY source going to this Additional address gets translated to the internal address that I choose.

My problem is that now I can manage the firewall using the additional address.
For instance, if the WAN address of the UTM is 65.65.65.60 and the additional address is 65.65.65.70, I can now managed the UTM using:

https://65.65.65.60:4444/ and https://65.65.65.70:4444/

How do I prevent https://65.65.65.70:4444/ form working.

I tried firewall rules such as, traffic from ANY using service 4444,80,443 going to 65.65.65.70, drop or reject. But it doesn't change anything.

Any help would be appreciated.

This thread was automatically locked due to age.

Parents

0 Ross86 over 11 years ago

It's odd that is how it's intended to work. On most firewalls you have a primary address on the WAN interface and then say management access is allowed through it. With additional addresses on say static nat they can only be used for that service.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Ross86 over 11 years ago

It's odd that is how it's intended to work. On most firewalls you have a primary address on the WAN interface and then say management access is allowed through it. With additional addresses on say static nat they can only be used for that service.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data