Firewall rule config

mray77
I have a Juniper NetScreen25 firewall, which I have limited knowledge of (former Cisco PIX user). I am trying to configure a rule to block inbound access to a specific IIS website on our web server. This web server has multiple websites, each with their own IP address. Some sites need to be accessible from outside the network, and some do not. I need to block outside access to an internal website with an IP address of 10.0.0.22. Currently this specific site is accessible from outside the network, and we only want it to be available from the inside. I have tried a combination of ways to generate the correct rule, but have not been able to prevent access.

I guess what is confusing to me is that I have dedicated a single external IP address to this web server. All of the sites need access to port 80. Can I create a rule to block the translation from external IP to 10.0.0.22? How so? Thanks!

Commented:
Have you tried mapping a different port to this website, i.e. 8080, and blocking inbound traffic to this port?
If it's just to block outside access to the internal server, then delete the NATing for the server or just add a policy above all the other internet allowed rules, specifying that access to this server is not allowed.

What would help would be if you could let us see the config.
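
Why the position of the deny policy matters, as an added example that is not part of the original thread and is not ScreenOS syntax: a simplified first-match policy model plus a check for rules that can never fire. Assumptions: policies match on the internal destination address, and the policy names and the 10.0.0.0/24 permit rule are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Policy:
    name: str
    dst: str      # destination network in CIDR form
    port: int     # destination TCP port, 0 = any
    action: str   # "permit" or "deny"

    def matches(self, dst_ip, port):
        in_net = ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst)
        return in_net and self.port in (0, port)

def evaluate(policies, dst_ip, port):
    """Return (action, policy name) of the first matching policy; default deny."""
    for p in policies:
        if p.matches(dst_ip, port):
            return p.action, p.name
    return "deny", "implicit-default"

def shadowed(policies):
    """Names of policies that can never fire because an earlier policy
    already covers their whole destination and port."""
    hidden = []
    for i, later in enumerate(policies):
        later_net = ipaddress.ip_network(later.dst)
        for earlier in policies[:i]:
            covers_net = later_net.subnet_of(ipaddress.ip_network(earlier.dst))
            covers_port = earlier.port in (0, later.port)
            if covers_net and covers_port:
                hidden.append(later.name)
                break
    return hidden

# Constructed outside-to-inside policy lists (only 10.0.0.22 comes from the question).
PERMIT_WEB = Policy("permit-web-http", "10.0.0.0/24", 80, "permit")
DENY_INTERNAL = Policy("deny-internal-site", "10.0.0.22/32", 80, "deny")

DENY_BELOW = [PERMIT_WEB, DENY_INTERNAL]   # deny appended at the bottom: never reached
DENY_ABOVE = [DENY_INTERNAL, PERMIT_WEB]   # deny placed above the permit rules

if __name__ == "__main__":
    for label, rules in (("deny below", DENY_BELOW), ("deny above", DENY_ABOVE)):
        print(label, evaluate(rules, "10.0.0.22", 80),
              evaluate(rules, "10.0.0.21", 80), "shadowed:", shadowed(rules))
```

Running the shadow check against an exported rule list before and after a change shows whether a newly added deny rule is actually reachable.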
