ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.
One of a set of tools we're offering as a way to say thank you for being a part of the community.
Course Of The Month
9 days, 11 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
basic firewall setup query
Posted on 2004-09-02
hi there.
semi-quick question.
I'm working on a network that has an adsl connection that all the office pc's (being on a private IP network) NAT through the router/modem to get to the outside world.
It's got a firewall capability on it, disabled at the moment, allowing anything and everything through.
I've been in control of a firewall with two different offices before but that was about 4 yrs ago and I'm somewhat rusty on my firewall theory at the moment.
i know it's asking a bit, but can anyone gimme a basic set of firewall rules to allow users on the 192.168.0.* ip range to access anything in the outside world (192.168.0.0/32 etc) and a couple of basic rules to allow one ip address from the outside world to access an ip addy on the port 80 protocol on the private network?
(I know it's fairly easy and I'm fairly sure I could manage it but I'd just like to make sure I know what i'm doing first, cant practice on anything handy,y'see.)
thanks very much
Daryn
semi-quick question.
I'm working on a network that has an adsl connection that all the office pc's (being on a private IP network) NAT through the router/modem to get to the outside world.
It's got a firewall capability on it, disabled at the moment, allowing anything and everything through.
I've been in control of a firewall with two different offices before but that was about 4 yrs ago and I'm somewhat rusty on my firewall theory at the moment.
i know it's asking a bit, but can anyone gimme a basic set of firewall rules to allow users on the 192.168.0.* ip range to access anything in the outside world (192.168.0.0/32 etc) and a couple of basic rules to allow one ip address from the outside world to access an ip addy on the port 80 protocol on the private network?
(I know it's fairly easy and I'm fairly sure I could manage it but I'd just like to make sure I know what i'm doing first, cant practice on anything handy,y'see.)
thanks very much
Daryn
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2
3 Comments
Well, you probably only want to allow your internal users to the following protocols on the Internet.
Port 80, 443 for web traffic
Port 21 for FTP
If your users use telnet, then open up port 23 and if they also use external SMTP servers, open up port 25.
Now, if you want to allow Internet users access to an inside server on port 80, you would need to create a static NAT entry and then put in an access list allowing traffic on port 80 to the inside server.
If you need further help configuring your firewall, please state the brand and model number.
Port 80, 443 for web traffic
Port 21 for FTP
If your users use telnet, then open up port 23 and if they also use external SMTP servers, open up port 25.
Now, if you want to allow Internet users access to an inside server on port 80, you would need to create a static NAT entry and then put in an access list allowing traffic on port 80 to the inside server.
If you need further help configuring your firewall, please state the brand and model number.
it's a dlink dsl-504t adsl modem router. I understand/remember the concepts of port opening, standard ports etc but the actual notation etc, the /32 subnet mask marking etc, are eluding me right now.
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management? Have you ever backed up the firewall policy residing on the SmartCenter? If you have then you know the hassles of connecting to the server, doing an upgrade_…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month9 days, 11 hours left to enroll
623 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.