Nat , firewall rules and geo block
sk8erbender
Posts: 74 
Ally Member
Ally Member
Guys I have a question about NAT and firewall rules
Here is my NAT
Here is my firewall 
The question is -
Do you need to make IPv4 destination to openvpn server, gateway and etc? Or just leave destination all and then goes the rules which I have ?
Here is my NAT
Here is my firewall The question is -
Do you need to make IPv4 destination to openvpn server, gateway and etc? Or just leave destination all and then goes the rules which I have ?
0
Comments
-
Although, use one firewall rule for all NATed services is possible.
But from security point of view, it's better add different firewall rule for dedicated server with services.
So that like this,
source: allowed source, destination: server 1 private IP, service 1(ex. TCP 80)
source: allowed source, destination: server 2 private IP, service 2(ex. TCP443)
0 -
Can you explain more on this?zyman2008 said:Although, use one firewall rule for all NATed services is possible.
But from security point of view, it's better add different firewall rule for dedicated server with services.
So that like this,
source: allowed source, destination: server 1 private IP, service 1(ex. TCP 80)
source: allowed source, destination: server 2 private IP, service 2(ex. TCP443)
U see that I have 1 rule for GEO
Then Geo block all
and then goes rules like you said - WAN to LAN source ANY destination server private IP service (ex TCP 80 )
0 -
Oh i think i see now those rules below just does not work..
0
Master Member
Categories
- All Categories
- 431 Beta Program
- 2.6K Nebula
- 165 Nebula Ideas
- 112 Nebula Status and Incidents
- 6K Security
- 365 USG FLEX H Series
- 292 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 262 Service & License
- 407 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 83 Security Highlight
