untrusted webbrowsing

Reply
L1 Bithead

untrusted webbrowsing


Hi there

Ive set up the firewall with a trusted lan for staff and untrusted lan for visitors.

I don want the visitor lan to access the staff lan, however the first rule created was to allow webbrowsing, i cloned it and added the visitor source addess to the rule, however anything on the visitor side cannot access any web site.

Ive allowed dns from a staff lan dns server and i have check to allows resolution on, whe i look at the logs it shows the sender ip, with the correct rule classification but shows traffic as incomplete.

The staff rule works ok, is there anything obvious im missing?

Thanks.


Accepted Solutions
Highlighted
L5 Sessionator

Re: untrusted webbrowsing

You are probably missing a Source NAT translation from visitor  lan to the untrust zone, NATing it to the IP address of the untrust interface.

BR,

Karthik RP

View solution in original post


All Replies
Highlighted
L5 Sessionator

Re: untrusted webbrowsing

You are probably missing a Source NAT translation from visitor  lan to the untrust zone, NATing it to the IP address of the untrust interface.

BR,

Karthik RP

View solution in original post

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!