topic Re: Security Policy Search Results in General Topics

Security Policy Search Results

jeff6strings — Wed, 02 Oct 2019 01:01:32 GMT

We have a 3020 firewall with version 8.0.10 and need to allow a new server access to resources in other zones. An existing server, 10.100.100.10 already has this access, so I need to mimic the access of this server.

In Objects\Addresses there is an entry for 10.100.100.10 with the name Server1.
In Objects\Address Groups there are a couple of groups in which server name Server1 belongs.

In Policies\Security, when I search for Server1, four Security Policy Rules result. When I check them, all have Server1 in either Source or Destination.

When I search Policies\Security using the Server1 IP address, 10.100.100.10, a half dozen result, two of the results have Server1 name, but the other four don't. I checked these four, and they don't have the server name or IP address anywhere in the rule.

I appreciate any help in understanding the logic of how the other four policies result by IP address.
Thank you.

Jeff

Re: Security Policy Search Results

kiwi — Wed, 02 Oct 2019 09:53:31 GMT

Hi @jeff6strings ,

Maybe you have another object in there that contains the private address space range ?

For example if you have an object or a group that contains the private range 10.0.0.0/8 then 10.100.100.10 would also return in your search result while not having the IP address explicitly configured.

Cheers !

-Kiwi.

Re: Security Policy Search Results

RobinClayton — Wed, 02 Oct 2019 11:28:13 GMT

with "Object NAME" just the server is found.

with "IP" the server and any groups it belongs to are returned.

It's just the way the search works, not sure if it's different in later versions.

Re: Security Policy Search Results

jeff6strings — Wed, 02 Oct 2019 19:34:19 GMT

I didn't think of that and there is an object with a 10.100.100.0/24. I checked the other rules and they do have this object as either source or destination.

Thank you.

Jeff