
Sonicwall 2 small firewall questions

Last Modified: 2012-02-09
I have 2 questions about how to accomplish something with the firewall rules. The first is with the VPN. I created an address object using the MAC address of a laptop. I then created a rule in zone VPN > LAN Deny All. Above that, I put a rule that says allow Any service from "MAC address object" to ANY. With the deny all rule enabled, the laptop cannot access anything when connected to the VPN; with the deny all rule disabled, it works fine. I have verified the MAC address is correct. My goal is to stop anyone besides that laptop from accessing the LAN if they somehow logged into the VPN.

2nd question is, I have my main LAN on X0 and I have a server with 3 local IPs on X3 that all have static routes set up. They are on the same subnet as X0. I need to disable any kind of access between X0 and X3 internally. Can I create a firewall rule from LAN > LAN saying deny all?

Top Expert 2010
Commented:
Sean Rhudy, President

Author

Commented:
This is for GVC; our DHCP server is handing out IPs. I will create the ARP entry this afternoon.

We only have one LAN zone; the second port is using PortShield. (That's the only way I can set it up since the server is on the same subnet, and we can't change its IP.)
Top Expert 2010

Commented:
Ah....I always forget about PortShield. Let me know how the static ARP entry goes. If it works, then that means you could move the DHCP function for GVC hosts to the SonicWall. I wrote an EE article on how to do that.


http://rdsrc.us/qOGrIO
Sean Rhudy, President

Author

Commented:
We ended up doing away with the MAC filter.  Also, we will be moving the server to a different subnet and creating a secondary LAN for our other issue.
Top Expert 2010

Commented:
Sounds like you got it figured out.