Nat , firewall rules and geo block
sk8erbender
Posts: 74 
Ally Member
Ally Member
Guys I have a question about NAT and firewall rules
Here is my NAT
Here is my firewall 
The question is -
Do you need to make IPv4 destination to openvpn server, gateway and etc? Or just leave destination all and then goes the rules which I have ?
Here is my NAT
Here is my firewall The question is -
Do you need to make IPv4 destination to openvpn server, gateway and etc? Or just leave destination all and then goes the rules which I have ?
0
Comments
-
Although, use one firewall rule for all NATed services is possible.
But from security point of view, it's better add different firewall rule for dedicated server with services.
So that like this,
source: allowed source, destination: server 1 private IP, service 1(ex. TCP 80)
source: allowed source, destination: server 2 private IP, service 2(ex. TCP443)
0 -
Can you explain more on this?zyman2008 said:Although, use one firewall rule for all NATed services is possible.
But from security point of view, it's better add different firewall rule for dedicated server with services.
So that like this,
source: allowed source, destination: server 1 private IP, service 1(ex. TCP 80)
source: allowed source, destination: server 2 private IP, service 2(ex. TCP443)
U see that I have 1 rule for GEO
Then Geo block all
and then goes rules like you said - WAN to LAN source ANY destination server private IP service (ex TCP 80 )
0 -
Oh i think i see now those rules below just does not work..
0
Master Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 145 Nebula Ideas
- 95 Nebula Status and Incidents
- 5.6K Security
- 239 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 385 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 72 Security Highlight
