
DMZ and firewall rules

Hello all, home user here, so please excuse any ignorance; I am learning.

I have been using the Sophos UTM for about a month now and love it so far. This forum has been a huge help. I am setting up a TeamSpeak server (and other external servers in the future), but have concerns about security. So far, here is what I did:

1. Set up a DMZ (10.0.0.0) on its own NIC, separate from my internal (192.168.2.0) network, to put external servers on.

2. Created a DNAT rule: From: Any, Service: 1:65536 -> 9987 (TeamSpeak port), Going to: external WAN address, Destination: TeamSpeak server.

3. Created a firewall rule: DMZ -> Any -> Internet IPv4 & IPv6.

4. Created a firewall rule: Any -> 9987 (TeamSpeak port) -> TeamSpeak server.

I also have my internal network set to Any -> Any.

 

Everything is working properly, but is my configuration safe? Is it OK to allow DMZ -> Any -> Internet and also leave my internal -> Any -> Any, now that I have a DMZ set up and am hosting an external server? Is there anything I can do to tighten things up?



  • Hi Stephen,

    my opinion....

    ...to 1.: OK, that's also best practice.

    ...to 2.: OK. You could switch from source "Any" to "Internet IPv4" if you have only a public IPv4 address. You should only allow what you need.

    ...to 3.: Not so good. Allow only the services and destinations that are needed by the systems in the DMZ.

    ...to 4.: OK, but you should also switch to "Internet IPv4" if you switch the source in the DNAT rule.

     

    Jas Man

  • Thank you for the response.  I made the recommended changes and will only allow needed services in/out of the DMZ for other items I add in the future.  
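An added example, not from the thread or from Sophos: a small audit of the four rules described above, applying Jas Man's advice ("only allow what you need", swap source "Any" for "Internet IPv4", name the DMZ's outbound services). The rule model, the rule names and the DMZ service list (DNS, NTP, HTTP, HTTPS) are assumptions for illustration, not the UTM's own objects; the audit also flags the internal Any -> Any rule, which the reply does not address, purely by the same principle.

```python
from dataclasses import dataclass, replace

# Constructed model of a UTM rule; field names are assumptions, not Sophos' object model.
@dataclass(frozen=True)
class Rule:
    name: str
    source: str        # "Any", "Internet IPv4", "DMZ (Network)", "Internal (Network)"
    service: str       # "Any" or a named port, e.g. "UDP 9987"
    destination: str   # "Any", "Internet IPv4/IPv6", "Teamspeak server"

# Constructed rule set mirroring steps 2-4 of the post plus the internal Any -> Any rule.
ORIGINAL = [
    Rule("DNAT teamspeak", "Any", "UDP 9987", "Teamspeak server"),        # step 2
    Rule("DMZ egress", "DMZ (Network)", "Any", "Internet IPv4/IPv6"),     # step 3
    Rule("Allow teamspeak", "Any", "UDP 9987", "Teamspeak server"),       # step 4
    Rule("Internal egress", "Internal (Network)", "Any", "Any"),          # internal net
]

def audit(rules):
    """Return (rule name, reason) for each rule broader than 'allow only what you need'."""
    findings = []
    for r in rules:
        if r.source == "Any" and r.destination not in ("Any", "Internet IPv4/IPv6"):
            findings.append((r.name, 'source "Any" for a published host; "Internet IPv4" '
                                     'is enough if only a public IPv4 address is used'))
        if r.service == "Any":
            findings.append((r.name, "service Any; list only the services these hosts need"))
        if r.destination == "Any":
            findings.append((r.name, "destination Any also reaches the DMZ hosts on every "
                                     "port; name the networks and services actually used"))
    return findings

def tighten(rules, dmz_needs=("DNS", "NTP", "HTTP", "HTTPS")):
    """Apply the reply's two suggestions; dmz_needs is an assumed list of DMZ egress services."""
    fixed = []
    for r in rules:
        if r.source == "Any" and r.destination == "Teamspeak server":
            r = replace(r, source="Internet IPv4")          # DNAT rule and firewall rule
        if r.source.startswith("DMZ") and r.service == "Any":
            r = replace(r, service=", ".join(dmz_needs))     # DMZ egress: named services only
        fixed.append(r)
    return fixed

if __name__ == "__main__":
    for name, reason in audit(ORIGINAL):
        print(f"before: {name}: {reason}")
    for name, reason in audit(tighten(ORIGINAL)):
        print(f"after:  {name}: {reason}")
```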
