Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1415
Views
0
Helpful
4
Replies

block access rule does not works

gogi99
Level 1
Level 1

‎12-30-2021 10:55 PM

i have the firepower 1120 firewall, i have a network in DMZ zone. i natted my server and when i create block access rule for ping, this rule does not works. also, i noticed that my firewall allow all to my server, all open ports are allowed

Labels:
Preview file
94 KB
Preview file
154 KB
0 Helpful
4 Replies 4

gogi99
Level 1
Level 1

‎12-30-2021 11:13 PM

when i set default access rule on block nothing does not works

0 Helpful

Karsten Iwen
VIP
VIP

‎12-31-2021 01:02 AM

Your access-rule doesn't work because you only block traffic from outside to outside.

For a firewall deployment you should use the default deny and allow everything you need. And pay attention on using the correct zones.

0 Helpful

gogi99
Level 1
Level 1
In response to Karsten Iwen

‎12-31-2021 01:25 AM

if i set default deny, allowing port on natted device  i set access rule from any (outside zone) to local ip address of my server (172.16.20.x insied zone) or on natted ip address?

0 Helpful

Karsten Iwen
VIP
VIP
In response to gogi99

‎12-31-2021 09:46 AM

You habe to use the real IP (that is the one used in the DMZ on the server) in your access-control rule.

0 Helpful
Customers Also Viewed These Support Documents