basic firewall setup query
hi there.
semi-quick question.
I'm working on a network that has an adsl connection that all the office pc's (being on a private IP network) NAT through the router/modem to get to the outside world.
It's got a firewall capability on it, disabled at the moment, allowing anything and everything through.
I've been in control of a firewall with two different offices before but that was about 4 yrs ago and I'm somewhat rusty on my firewall theory at the moment.
i know it's asking a bit, but can anyone gimme a basic set of firewall rules to allow users on the 192.168.0.* ip range to access anything in the outside world (192.168.0.0/32 etc) and a couple of basic rules to allow one ip address from the outside world to access an ip addy on the port 80 protocol on the private network?
(I know it's fairly easy and I'm fairly sure I could manage it but I'd just like to make sure I know what i'm doing first, cant practice on anything handy,y'see.)
thanks very much
Daryn
semi-quick question.
I'm working on a network that has an adsl connection that all the office pc's (being on a private IP network) NAT through the router/modem to get to the outside world.
It's got a firewall capability on it, disabled at the moment, allowing anything and everything through.
I've been in control of a firewall with two different offices before but that was about 4 yrs ago and I'm somewhat rusty on my firewall theory at the moment.
i know it's asking a bit, but can anyone gimme a basic set of firewall rules to allow users on the 192.168.0.* ip range to access anything in the outside world (192.168.0.0/32 etc) and a couple of basic rules to allow one ip address from the outside world to access an ip addy on the port 80 protocol on the private network?
(I know it's fairly easy and I'm fairly sure I could manage it but I'd just like to make sure I know what i'm doing first, cant practice on anything handy,y'see.)
thanks very much
Daryn
Who is Participating?
Well, you probably only want to allow your internal users to the following protocols on the Internet.
Port 80, 443 for web traffic
Port 21 for FTP
If your users use telnet, then open up port 23 and if they also use external SMTP servers, open up port 25.
Now, if you want to allow Internet users access to an inside server on port 80, you would need to create a static NAT entry and then put in an access list allowing traffic on port 80 to the inside server.
If you need further help configuring your firewall, please state the brand and model number.
Port 80, 443 for web traffic
Port 21 for FTP
If your users use telnet, then open up port 23 and if they also use external SMTP servers, open up port 25.
Now, if you want to allow Internet users access to an inside server on port 80, you would need to create a static NAT entry and then put in an access list allowing traffic on port 80 to the inside server.
If you need further help configuring your firewall, please state the brand and model number.
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
All Courses
From novice to tech pro — start learning today.
-
Course of the Month10 days, 8 hours left to enrollMonitoring and Operating a Private Cloud with System Center 2012 R2 273 lessons
However, if your network is 192.168.32.0 than your subnet mask would be 255.255.255.0