This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DMZ Segment can access Internal web services

Hi

We have several zones.

Internal 192.168.10.0/24
Wifi 172.10.10.0/24
Guest Wifi 172.20.10.0/24
DMZ 10.0.0.0/24

Our problem is this.

When connected to the wifi,guest wifi and DMZ we can access any web service running on any server within the internal lan.

there are no auto or user created firewall rules which allows this.

i have tried creating a block rule in place.

Source DMZ,Wifi,Guest Wifi
Service Any
Destination Internal
Action: tried both block and reject.

Any Ideas ?

This thread was automatically locked due to age.

Parents

0 apijnappels over 11 years ago

See my attachment. You can create a filter action under:

Web Protection -> Web filtering Profiles -> Filter Actions

Under Block these sites/URL you can create the Regular Expression for your internal networks (in my situation all starting with 192.168.x.y)
Next you can create a Filter Assignment where you assign the created Filter Actions.
Then create a Proxy Profile for your hotspot network where you select the created Filter Assignment.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 apijnappels over 11 years ago

See my attachment. You can create a filter action under:

Web Protection -> Web filtering Profiles -> Filter Actions

Under Block these sites/URL you can create the Regular Expression for your internal networks (in my situation all starting with 192.168.x.y)
Next you can create a Filter Assignment where you assign the created Filter Actions.
Then create a Proxy Profile for your hotspot network where you select the created Filter Assignment.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data