Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
06-30-2014 04:17 AM
Hi,
I have to create a rule bidireccional between two of my servers. My question is, do i have to create two rules to allow the connection in both flows, or i could only create the rule TRUST TO DMZ and the way back would be permit too?
Its a bit tricky 2 rule for one connection, no???
thanks
06-30-2014 04:31 AM
If all of your HTTP sessions are being originated from one side; you just need one rule. That single rule will allow the return packets in that TCP session to come back to the originator.
If your HTTP sessions can be originated from both sides (i.e. you have HTTP servers on both sides); you really need two rules.
(I guess you could have a single rule with both Trust and DMZ zones in the Src and Dst zone lists and the both address objects in the source and dest address fields; but I really wouldn't recommend that. Curious to know if others here do this.)
Note; for NAT rules there is a bi-directional option - there just isn't one for security rules. (Not that the bi-directional NAT seemed to work for me; but that was a few releases back in the 5 series... Guess I should try again sometime)
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
