tmoe
New Member
May 3, 2013
Question

Outbound traffic block

How would you recommend blocking all outbound traffic from a single internal IP? The same IP has incoming services for FTP and another custom service already. I want this server to ONLY be able to communicate in or out over the 2 services I specify. Thanks in advance, Tmoe

    3 replies

    emnoc
    New Member
    May 3, 2013
    Install a fwpolicy as a specific entry before any allow ANY/ALL, with a deny any for that ip_address & outbound.
    rwpatterson
    New Member
    May 3, 2013
    BEFORE the deny, you need to install an allow (outward) for the protocols you require, THEN the deny all (others) from that single IP. Just the deny will... deny!
    tmoe
    Author
    New Member
    May 3, 2013
    Perfect! I used 3 policies. 1 to allow the specific services in to the server. 1 to allow the specific services out of the server. 1 to deny all traffic to the server. I put them in that order as well. Works like a champ! My LAN is port13, WAN is port14.
    emnoc
    New Member
    May 3, 2013
    Noted. Also, nailing it behind a VIP would have given you the same thing and no local fwpolicies for that src and only the inbound VIP fwpolicies.
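The ordering point made in the replies, as an added example that is not part of the original thread and is not FortiOS code: a small first-match policy evaluator that compares "allow, allow, deny" with a deny placed first and a deny placed after a general allow. Assumptions: the addresses are constructed, the custom service is a hypothetical TCP port 9000, a general LAN-to-WAN allow policy exists, and each flow is reduced to one destination port (no session state or FTP data channels).

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

SERVER, OTHER, REMOTE = "192.0.2.10", "192.0.2.20", "198.51.100.5"  # constructed
ANY, ALL = "0.0.0.0/0", frozenset()  # any address; empty port set = any service
SVC = frozenset({21, 9000})          # FTP control + hypothetical custom TCP port

@dataclass(frozen=True)
class Policy:
    srcintf: str
    dstintf: str
    src: str
    dst: str
    ports: frozenset
    action: str

    def matches(self, srcintf, dstintf, src, dst, port):
        return (self.srcintf == srcintf and self.dstintf == dstintf
                and ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and (not self.ports or port in self.ports))

def evaluate(policies, flow):
    """First matching policy wins; no match falls through to the implicit deny."""
    return next((p.action for p in policies if p.matches(*flow)), "deny")

ALLOW_IN = Policy("port14", "port13", ANY, SERVER + "/32", SVC, "accept")   # WAN -> LAN
ALLOW_OUT = Policy("port13", "port14", SERVER + "/32", ANY, SVC, "accept")  # LAN -> WAN
DENY_SRV = Policy("port13", "port14", SERVER + "/32", ANY, ALL, "deny")
LAN_ANY = Policy("port13", "port14", ANY, ANY, ALL, "accept")  # assumed general allow

GOOD = [ALLOW_IN, ALLOW_OUT, DENY_SRV, LAN_ANY]        # order used in the thread
DENY_FIRST = [DENY_SRV, ALLOW_IN, ALLOW_OUT, LAN_ANY]  # deny shadows allow-out
DENY_LAST = [ALLOW_IN, ALLOW_OUT, LAN_ANY, DENY_SRV]   # deny is never reached

FLOWS = {  # constructed flows: (srcintf, dstintf, src, dst, destination port)
    "server_out_ftp": ("port13", "port14", SERVER, REMOTE, 21),
    "server_out_https": ("port13", "port14", SERVER, REMOTE, 443),
    "other_out_https": ("port13", "port14", OTHER, REMOTE, 443),
    "wan_in_ftp": ("port14", "port13", REMOTE, SERVER, 21),
    "wan_in_ssh": ("port14", "port13", REMOTE, SERVER, 22),
}

def audit(policies):
    """Return the action each sample flow receives under the given policy order."""
    return {name: evaluate(policies, flow) for name, flow in FLOWS.items()}
```

Calling `audit()` on each of the three orderings shows which flows change: only the first ordering permits the server's two services outbound while denying its other outbound traffic.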