DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
2910 Firewall Filters not applying
15 Apr 2011 15:51 #67320
by havoc-dadelous
2910 Firewall Filters not applying was created by havoc-dadelous
We have a Webserver that needs access to our SQL server, so I have added a Data Filter to allow traffic from our webserver to our SQL server.
So I created the following rules:
WAN > LAN, Source Webserver, Destination SQL Server, Service UDP /TCP Any port to 1433, Action Allow and a 2nd rule to block.
WAN > LAN, Source Any, Destination SQL server, Service UDP /TCP Any to 1433, Action Block.
I am able to connect to the SQL server from other IPs than the Webserver. So I thought perhaps I have done it wrong (I had added the rules to call not data), so changed the rules and still nothing, so I then created a rule so SQL was blocked. I am still able to connect to the SQL Server.
I have also added a new rule to block SMTP out from our network:
LAN > WAN, Source DHCP range, Destination Any, Service UDP /TCP Any to 25, Action Block
None of the filters seem to be applied no matter how I link or call the filter sets. Any ideas as to why?
Thanks
17 Apr 2011 12:41 #67329
by nealuk
Replied by nealuk on topic Re: 2910 Firewall Filters not applying
Hi, I think you're close.
What about setting the first rule for your websql as WAN > LAN, Source Any, Destination SQL server, Service UDP /TCP Any to 1433, Action Block If No Further Match.
Then the next rule as: WAN > LAN, Source Webserver, Destination SQL Server, Service UDP /TCP Any port to 1433, Pass Immediately.
Does that fix it for you?
Regards,
Neal
17 Apr 2011 14:03 #67331
by voodle
Replied by voodle on topic Re: 2910 Firewall Filters not applying
It all looks right but make sure that the filter set you've put those rules in is linked from the #2 Default Data Filter? If you haven't already then set the Next Filter Set option in the bottom right so they link up.
Moderators: Chris, Sami
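The two suggestions in the replies (rule order with "Block If No Further Match" followed by "Pass Immediately", and linking the filter set from the default data filter via Next Filter Set) can be checked with a simplified model of chained filter-set evaluation. This is an added example, not part of any post and not DrayTek's code. Assumptions: the SQL rules sit in filter set 3, the router passes traffic when no rule matches, and all IP addresses are constructed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

PASS_NOW, BLOCK_NOW = "Pass Immediately", "Block Immediately"
PASS_LATER, BLOCK_LATER = "Pass If No Further Match", "Block If No Further Match"

@dataclass
class Rule:
    direction: str   # e.g. "WAN>LAN"
    src: str         # CIDR; "0.0.0.0/0" stands for Any
    dst: str
    dport: int
    action: str

    def matches(self, direction, src, dst, dport):
        return (direction == self.direction and dport == self.dport
                and ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst))

def evaluate(filter_sets, start, packet, default="pass"):
    """Walk the chain of filter sets from `start`; return 'pass' or 'block'."""
    verdict, current, seen = default, start, set()
    while current is not None and current not in seen:
        seen.add(current)                      # guard against looped links
        rules, next_set = filter_sets[current]
        for rule in rules:
            if not rule.matches(*packet):
                continue
            if rule.action in (PASS_NOW, BLOCK_NOW):
                return "pass" if rule.action == PASS_NOW else "block"
            # "If No Further Match": tentative verdict, keep evaluating
            verdict = "pass" if rule.action == PASS_LATER else "block"
        current = next_set
    return verdict

# Constructed addresses, not taken from the thread.
WEB, SQL, OTHER = "203.0.113.10", "192.168.1.20", "198.51.100.7"
SQL_RULES = [
    Rule("WAN>LAN", "0.0.0.0/0", SQL + "/32", 1433, BLOCK_LATER),
    Rule("WAN>LAN", WEB + "/32", SQL + "/32", 1433, PASS_NOW),
]

def verdicts(linked):
    # Set 2 is the default data filter; set 3 (assumed number) holds the rules.
    sets = {2: ([], 3 if linked else None), 3: (SQL_RULES, None)}
    return {name: evaluate(sets, 2, ("WAN>LAN", ip, SQL, 1433))
            for name, ip in (("webserver", WEB), ("other", OTHER))}
```

With `linked=False` both sources pass, which reproduces the symptom in the first post; with `linked=True` only the webserver reaches port 1433.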