Solved

Sonicalwall Access Rules - most restrictive or least restrictive

Posted on 2010-09-21
5
551 Views
Last Modified: 2012-05-10
I am running a Sonicwall in enhanced mode. I have an access rule that allows port 25 traffic only from my email server to the wan which naturally stops infected machines from sending email to the WAN. I also have a rule that is set up as any - any from lan to wan.
The port 25 rule has a higher priority. Will the any to any service defeat my port 25 rule?
0
Comment
Question by:edwarddoylesr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 1

Accepted Solution

by:
Dmapros earned 125 total points
ID: 33725754
Yes. The traffic is analyzed against the rule base to see which rule it will first match on. You can place another rule in between that has LAN - WAN Port 25 DENY. The mail server will still be able to send out mail because it will match on the rule you explicitly created for it.
0
 
LVL 8

Assisted Solution

by:jimmyray7
jimmyray7 earned 125 total points
ID: 33725919
The higher priority rule should take precedence, but you do need an explicit deny for the other hosts - Any->WAN port 25 DENY.
0
 

Author Comment

by:edwarddoylesr
ID: 33726871
I do have a deny for all other hosts that is one level lower than the allow for the mail server.
0
 
LVL 8

Expert Comment

by:jimmyray7
ID: 33727028
Then that should be sufficient.  You can test the rule with telnet from a workstation - open up a command prompt and 'telnet mx.west.cox.net 25'.  You shouldn't get a response.
0
 

Author Closing Comment

by:edwarddoylesr
ID: 33769707
This worked exactly as I wanted.
0

Featured Post

IoT Devices - Fast, Cheap or Secure…Pick Two

The IoT market is growing at a rapid pace and manufacturers are under pressure to quickly provide new products. Can you be sure that your devices do what they're supposed to do, while still being secure?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question