• Status: Solved
  • Priority: Medium
  • Security: Public

Firewalling 101: I need to pass DNS, DHCP, PXE, ICMP and Ghost but nothing else

I have VLANs and am using access lists.

We have a VLAN 500 that has DNS, DHCP, PXE, ICMP and Ghost. We have VLAN 200 that is going to be exposed to nasty things like viruses perhaps. We need to get access to DNS, DHCP, PXE, ICMP and Ghost on VLAN 200 but do not want stuff like viruses & attacks to get to VLAN 500.

As a test, I enabled all into VLAN 200 and enabled DNS & ICMP into 500. I cannot ping from 200 to 500.

What are the bare minimum ports I need to communicate from DNS, DHCP, PXE, ICMP and Ghost?

Thank you all

D  
Asked:
itguy411
poweruser32 Commented:
You cannot ping; can you ping either by name or IP address? Also, has VLAN 200 a default gateway assigned?
 
itguy411 (Author) Commented:
It works until I put in the access list. When I remove it, it starts again.

Confused am I,

Yoda  
 
poweruser32 Commented:
Try opening port 53 anyway for DNS and see.
 
itguy411 (Author) Commented:
I was pinging by IP.

Now really confused am I.

Yoda
 
itguy411 (Author) Commented:
What port is ICMP? Ping is ICMP?
It is UDP, right?
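
An added example, not part of the original thread: a small vendor-neutral model of how an access list matches the traffic in the test described in the question. The `Packet`, `Rule`, `permitted` and `ping_works` names and all rule sets are constructed for illustration; it assumes permit-only lists with an implicit deny and matches TCP/UDP by destination port and ICMP by protocol number and message type.

```python
from dataclasses import dataclass
from typing import Optional

ICMP, TCP, UDP = 1, 6, 17           # IP protocol numbers
ECHO_REPLY, ECHO_REQUEST = 0, 8     # ICMP message types (ICMP has no ports)

@dataclass(frozen=True)
class Packet:
    proto: int
    dport: Optional[int] = None      # meaningful for TCP/UDP only
    icmp_type: Optional[int] = None  # meaningful for ICMP only

@dataclass(frozen=True)
class Rule:
    proto: Optional[int] = None      # None matches any protocol
    dport: Optional[int] = None      # None matches any port
    icmp_type: Optional[int] = None  # None matches any ICMP type

    def matches(self, p: Packet) -> bool:
        if self.proto is None:
            return True
        if p.proto != self.proto:
            return False
        if self.proto == ICMP:
            return self.icmp_type in (None, p.icmp_type)
        return self.dport in (None, p.dport)

def permitted(acl, pkt) -> bool:
    """Permit-only list: any matching rule permits, no match is the implicit deny."""
    return any(rule.matches(pkt) for rule in acl)

def ping_works(acl_to_500, acl_to_200) -> bool:
    """The echo request must pass toward 500 and the echo reply back toward 200."""
    return (permitted(acl_to_500, Packet(ICMP, icmp_type=ECHO_REQUEST))
            and permitted(acl_to_200, Packet(ICMP, icmp_type=ECHO_REPLY)))

# Constructed rule sets mirroring the test in the question (hypothetical).
TO_200_ALL = [Rule()]                                  # "enabled all into vlan 200"
TO_500_PORTS_ONLY = [Rule(UDP, 53), Rule(TCP, 53)]     # port 53 rules alone
TO_500_MINIMAL = [
    Rule(UDP, 53), Rule(TCP, 53),                      # DNS
    Rule(UDP, 67),                                     # DHCP, client to server
    Rule(UDP, 69),                                     # TFTP request used by PXE boot
    Rule(ICMP, icmp_type=ECHO_REQUEST),                # ping: protocol and type, no port
]

if __name__ == "__main__":
    print("port rules only:", ping_works(TO_500_PORTS_ONLY, TO_200_ALL))
    print("with ICMP rule: ", ping_works(TO_500_MINIMAL, TO_200_ALL))
```

TFTP continues on an ephemeral server port after the initial request to UDP 69, so a stateless list needs more than that one line for PXE. Ghost is left out because its ports are not given anywhere in the thread.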