Setting up firewall rules for a remote VPN site to site connection
Posted on 2013-11-15
Whilst I work on getting the VPN connection going, I'm wondering what firewall rules I will need to protect my internal network from the remote site?
I have 3 zones off the SonicWall I'm using: WAN, LAN and VPN. The WAN->LAN is set to deny everything (I'm not sure whether anything from the outside needs to come back in?).
For the VPN, what kind of draconian rules can I have? I presume I cannot deny everything? I'm mainly using the VPN to Remote Desktop to servers, FTP onto internal machines and using TFS source safe. Sometimes I connect to Windows shares there to copy details.
Do any of the above activities require traffic from the VPN back in to my LAN?
I'm a little uncertain how firewalls work in this case. So to bring back FTP data, would I need to open FTP ports back to my LAN?
Many thanks in advance