Firewall Rule "DROP" not working

Good morning,

I created the firewall rules to DROP packets from an interface to the LAN interface, but the DROP is not working.

The LAN_VOIP network must not see the Internal network and the DMZ network, and the same for the DMZ and Internal network.

Why?



This thread was automatically locked due to age.
  • Ciao Davide, and welcome to the UTM Community!

    Several things for you to learn...

    Pinging is regulated on the 'ICMP' tab of 'Firewall'.  Disable 'Firewall forwards pings' and add Ping in the firewall ruleset.

    The "Any" Service only includes TCP and UDP.  Ping and other IP Protocols are not included.

    By default, all traffic is blocked, so your four firewall rules could be replaced by a single one:

    LAN VOIP (Network), Internal (Network) -> Any, Ping -> Internet : Allow

    You might be interested in a document I maintain that I make available to members of the UTM Community, "Configure HTTP Proxy for a Network of Guests."  If you would like me to send you this document, PM me your email address.  To see why, look at #2 in Rulz and also see Doug Foster's take on some of this: READ ME FIRST: UTM Architecture

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
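
The behaviour described in the reply above, as an added example that is not part of the original thread and not Sophos code: a simplified first-match model showing why a DROP rule built on the "Any" service never sees a ping while 'Firewall forwards pings' is enabled. The subnets, the `BEFORE` rule standing in for the poster's rules, the treatment of "Internet" as "not a local network", and the ordering of the ICMP toggle ahead of the rule list are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed sample subnets; the thread does not give the real ones.
NETS = {"LAN_VOIP": ip_network("10.0.10.0/24"),
        "Internal": ip_network("10.0.20.0/24"),
        "DMZ": ip_network("10.0.30.0/24")}
# Per the reply: the "Any" service covers only TCP and UDP.
SERVICES = {"Any": {"tcp", "udp"}, "Ping": {"icmp-echo"}}

@dataclass
class Rule:
    sources: list
    services: list
    destination: str
    action: str

def in_net(addr, name):
    ip = ip_address(addr)
    if name == "Internet":  # modelled as "not one of the local networks"
        return not any(ip in net for net in NETS.values())
    return ip in NETS[name]

def decide(rules, forwards_pings, src, dst, proto):
    # Assumption: the ICMP-tab toggle is applied before the rule list.
    if proto == "icmp-echo" and forwards_pings:
        return "allow (ICMP tab)"
    for r in rules:  # first matching rule wins
        if (any(in_net(src, s) for s in r.sources)
                and in_net(dst, r.destination)
                and any(proto in SERVICES[s] for s in r.services)):
            return r.action
    return "drop (default)"

# Poster's approach: a DROP rule using "Any", ping forwarding left enabled.
BEFORE = [Rule(["LAN_VOIP"], ["Any"], "Internal", "drop")]
# The reply's single rule, used with 'Firewall forwards pings' disabled.
AFTER = [Rule(["LAN_VOIP", "Internal"], ["Any", "Ping"], "Internet", "allow")]

VOIP, INTERNAL, OUTSIDE = "10.0.10.5", "10.0.20.7", "203.0.113.10"

if __name__ == "__main__":
    for label, rules, toggle in (("before", BEFORE, True), ("after", AFTER, False)):
        for dst in (INTERNAL, OUTSIDE):
            for proto in ("tcp", "icmp-echo"):
                print(label, VOIP, "->", dst, proto, ":",
                      decide(rules, toggle, VOIP, dst, proto))
```
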