I would like to have advices regarding firewall rules. I'm deploying a PA-3220 on my main site (site A). On this main site, I have several zones configured on my PA3220 (user, servers, dmz Intranet,). I have also 5 remote sites.
I must create a rule to allow small sites and users & servers zone configured on my main site (site A) to reach our DMZ Intranet zone . What is the best approch to create a rule ? Is-it to create a first rule (wich rule name ?) to allow remote site to Intranet zone on site A and a second rule to allow the the local zone (user, server) to reach Intranet ?
Is-it to create a single rule with, in source zone, the WAN zone (remote site) and local zone (user, servers) and destination my DMZ network in the Intranet zone ? And is-it a problem if in source zone, I have a mix of WAN access (for traffic coming from my remote site) and local site (user, servers) for traffic coming from these local zones ?
If your remote sites have the same zone name, ie remote office, then you could just create a policy to allow remoteoffice zone to connect to dmz zone.
Or something like that.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!