Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Sonicalwall Access Rules - most restrictive or least restrictive

Posted on 2010-09-21
5
Medium Priority
?
557 Views
Last Modified: 2012-05-10
I am running a Sonicwall in enhanced mode. I have an access rule that allows port 25 traffic only from my email server to the wan which naturally stops infected machines from sending email to the WAN. I also have a rule that is set up as any - any from lan to wan.
The port 25 rule has a higher priority. Will the any to any service defeat my port 25 rule?
0
Comment
Question by:edwarddoylesr
  • 2
  • 2
5 Comments
 
LVL 1

Accepted Solution

by:
Dmapros earned 500 total points
ID: 33725754
Yes. The traffic is analyzed against the rule base to see which rule it will first match on. You can place another rule in between that has LAN - WAN Port 25 DENY. The mail server will still be able to send out mail because it will match on the rule you explicitly created for it.
0
 
LVL 8

Assisted Solution

by:jimmyray7
jimmyray7 earned 500 total points
ID: 33725919
The higher priority rule should take precedence, but you do need an explicit deny for the other hosts - Any->WAN port 25 DENY.
0
 

Author Comment

by:edwarddoylesr
ID: 33726871
I do have a deny for all other hosts that is one level lower than the allow for the mail server.
0
 
LVL 8

Expert Comment

by:jimmyray7
ID: 33727028
Then that should be sufficient.  You can test the rule with telnet from a workstation - open up a command prompt and 'telnet mx.west.cox.net 25'.  You shouldn't get a response.
0
 

Author Closing Comment

by:edwarddoylesr
ID: 33769707
This worked exactly as I wanted.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question