Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 9 replies
  • Answers 3 answers
  • Subscribers 6 subscribers
  • Views 15977 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall Rule "DROP" not working

Davide Giordano

 Good Morning,

I create the firewall rules to DROP packets from an interface to LAN interface but the DROP does not working.

 

 

Tha LAN_VOIP network doesn't must see the Internal Network and the DMZ network, and the same for the DMZ and Internal Network.

 

Why? 



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Davide Giordano

    Hi Sir Davide,

    Good Day

    Upon checking with your Firewall Rule

    What does LAN-VOIP Network > ANY > ANY?
    * Destination "ANY" allows all match traffic
    * Much better to config like this if only traffic goes to internet 
    * try this setup LAN-VOIP Network > ANY > IPV4
    * Same as the other configurations

    Then try to test if LANVOIP, INTERNAL and DMZ see each other

     

    Thank you

     

     


     

  • 0 in reply to Proudmore

    Because the LAN_VOIP must has all services opened to the External WAN (the internal network NO), how can i edit the rule?

     

    I try from the internal network to ping and IP of the LAN_VOIP and works. i discover now that only pings works, the others services no(fortunately). Why ping works?

  • +1 in reply to Davide Giordano

    Hi Sir,

    Yes if all VOIP, DMZ and LAN network traffic ONLY goes to WAN

    It is okay to config like this

    VOIP > ANY > IPV4

    DMZ > ANY > IPV4

    LAN > ANY > IPV4


    then try to delete those drop Policy  and make a tests again 
    Hope to solve this problem with this solutions

     

    Thank you

Unfiltered HTML