Only allow communication to certain IP addresses

Started by NB, September 19, 2023, 08:50:38 AM

Hi

I have a separate VLAN where I have some equipment that should only be allowed to communicate with a few specified IP addresses over port 443.
All communication starts from these units, but response from WAN needs to be allowed.
The units also need access to a few URLs and access to an NTP server.

I have made an alias with the IP addresses, URLs and allowed DNS etc., but the units can't get a connection with the servers.
I'm not at home right now so I can't take a screenshot of my config, but maybe someone has any tips in broad terms.

Otherwise I will provide more information when I get home.

Hi,

here are some thoughts:

* Allow DNS traffic to your target DNS servers.
* Allow HTTPS traffic to your target HTTPS servers.
* Allow NTP traffic to your target NTP servers

Switch logging on, generate traffic and check if these rules match.
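
An added example, not part of either forum post: a small model of the rule order suggested above (DNS, HTTPS and NTP allows, then a deny for everything else), run against constructed test flows to show which rule decides each one, much like reading the firewall log. It assumes first-match evaluation on the VLAN interface; the rule names and the addresses (documentation ranges) are hypothetical.

```python
import ipaddress
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    name: str
    action: str            # "pass" or "block"
    proto: Optional[str]   # None matches any protocol
    dst: str               # destination network in CIDR form
    port: Optional[int]    # None matches any port

# Constructed rule set; replace the addresses with the real alias contents.
RULES = [
    Rule("allow-dns-udp", "pass", "udp", "192.0.2.53/32", 53),
    Rule("allow-dns-tcp", "pass", "tcp", "192.0.2.53/32", 53),
    Rule("allow-https", "pass", "tcp", "198.51.100.0/30", 443),
    Rule("allow-ntp", "pass", "udp", "192.0.2.123/32", 123),
    Rule("default-deny", "block", None, "0.0.0.0/0", None),
]

def evaluate(proto, dst_ip, dst_port, rules=RULES):
    """Return (action, rule name) of the first rule matching an outbound flow."""
    addr = ipaddress.ip_address(dst_ip)
    for r in rules:
        if r.proto not in (None, proto):
            continue
        if addr not in ipaddress.ip_network(r.dst):
            continue
        if r.port not in (None, dst_port):
            continue
        return r.action, r.name
    return "block", "implicit-deny"

def audit(flows, rules=RULES):
    """Map each test flow to the rule that decided it."""
    return {flow: evaluate(*flow, rules=rules) for flow in flows}

# Constructed test traffic: (protocol, destination IP, destination port).
FLOWS = [
    ("udp", "192.0.2.53", 53),     # DNS to the allowed resolver
    ("tcp", "198.51.100.1", 443),  # HTTPS to an allowed server
    ("udp", "192.0.2.123", 123),   # NTP to the allowed server
    ("tcp", "198.51.100.1", 80),   # right host, wrong port
    ("tcp", "203.0.113.7", 443),   # HTTPS to a host outside the alias
    ("udp", "203.0.113.53", 53),   # device using a resolver that is not allowed
]

if __name__ == "__main__":
    for flow, (action, rule) in audit(FLOWS).items():
        print(flow, "->", action, rule)
```

A flow that lands on `default-deny` when it was expected to pass points at the alias contents or the rule's protocol and port, which is the same thing the log check above is meant to reveal.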