DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
5510 Firewall and blocking outbound traffic
05 Feb 2010 09:31 #60349
by jabwky
5510 Firewall and blocking outbound traffic was created by jabwky
I'd like to be able to (a) block outbound port 25 traffic from any internal IP, except from the internal IP that our mail server (x.x.x.10) is connected to; and (b) allow all other outbound traffic (web browsing, DNS requests etc. etc.).
When setting up the rule, I enter the mail server IP address (x.x.x.10) and select the invert '!' option (i.e. don't apply the rule to this address, but apply it to every other address). The router then seems to not allow any port 25 traffic out at all. Should I be defining 'objects' instead and using those in the rules?
25 Mar 2010 13:43 #61356
by g.j.w
Replied by g.j.w on topic use two rules
Use two rules to achieve this, with the first rule being the allow rule for the mail server. Set up a rule, LAN to WAN: source IP is your mail server, destination IP is your ISP, and port is obviously port 25. Set this rule to pass immediately.
This rule by itself won't change anything, but it excludes your mail server from the next rule, which is a basic any source, any destination, port 25, and set to block immediately.
Any machine on your network other than your mail server trying to send mail on port 25 now won't be able to.
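Added example, not part of the original posts and not DrayTek's own code: a small first-match model of the two rules described in the reply above, showing why the mail-server pass rule has to sit ahead of the any-source block rule. The addresses, rule names and the default of passing unmatched traffic are assumptions.

```python
"""First-match model of the two-rule setup described in the reply above.
Constructed example: addresses, rule names and the default-pass policy are
assumptions, and this is not DrayTek firmware logic."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    name: str
    src: str              # CIDR; "0.0.0.0/0" means any source
    dst: str              # CIDR; "0.0.0.0/0" means any destination
    dport: Optional[int]  # None means any port
    action: str           # "pass" or "block", applied immediately on match

    def matches(self, src: str, dst: str, dport: int) -> bool:
        return (ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and self.dport in (None, dport))

def decide(rules, src, dst, dport, default="pass"):
    """Return (action, rule name) of the first matching rule, else the default."""
    for rule in rules:
        if rule.matches(src, dst, dport):
            return rule.action, rule.name
    return default, "default"

ANY = "0.0.0.0/0"
MAIL_SERVER = "192.168.1.10"   # constructed stand-in for x.x.x.10
ISP_SMTP = "203.0.113.25"      # constructed stand-in for the ISP's mail relay

allow_mail = Rule("allow-mail-server", MAIL_SERVER + "/32", ISP_SMTP + "/32", 25, "pass")
block_smtp = Rule("block-smtp", ANY, ANY, 25, "block")

CORRECT = [allow_mail, block_smtp]   # order given in the reply
REVERSED = [block_smtp, allow_mail]  # same rules, wrong order

if __name__ == "__main__":
    flows = [
        (MAIL_SERVER, ISP_SMTP, 25),            # mail server to ISP relay
        ("192.168.1.50", ISP_SMTP, 25),         # workstation attempting SMTP
        ("192.168.1.50", "198.51.100.7", 443),  # ordinary web traffic
        (MAIL_SERVER, "198.51.100.9", 25),      # mail server to a non-ISP host
    ]
    for label, rules in (("correct", CORRECT), ("reversed", REVERSED)):
        for flow in flows:
            print(label, flow, decide(rules, *flow))
```

Because the pass rule names the ISP as its destination, port 25 traffic from the mail server to any other host falls through to the block rule in this model.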