Solved

Restrict access by ddns on firewall

Posted on 2014-01-02
4
361 Views
Last Modified: 2014-01-09
I have a webserver with an external ip behind a firewall but I don't want everybody to have access on it.  I am thinking of setting up ddns on the site that I would allow access to then I will restrict access based on these ddns on the firewall.  Seems perfect but when I put these policies in, the firewall does not detect those ddns address but I can ping it.  The policy is

xyz.domain.com (untrust)       x.x.x.x (external true ip - trust)        http (service)


If I change the untrust to any, it works fine.  If I put this ddns address in, the policy greys out and it searches very slow.

My firewall is a netscreen ssg5
0
Comment
Question by:johnyu1997
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 9

Expert Comment

by:jeff_01
ID: 39753186
Ping uses ICMP not HTTP so you would need to block ICMP requests as well I believe.
0
 

Author Comment

by:johnyu1997
ID: 39753204
You are not getting my point.  I am trying to allow access from certain ddns addresses.
0
 

Accepted Solution

by:
johnyu1997 earned 0 total points
ID: 39757023
The problem is the dns setting on the firewall was pointed to the trusted interface instead of untrusted interface.  Working good now.
0
 

Author Closing Comment

by:johnyu1997
ID: 39767538
Because the answer is the exact solution.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Workplace bullying has increased with the use of email and social media. Retain evidence of this with email archiving to protect your employees.
Skype is a P2P (Peer to Peer) instant messaging and VOIP (Voice over IP) service – as well as a whole lot more.
The viewer will learn how to set up a document for the web and print and the recommended PPI for printing.
Using Adobe Premiere Pro, the viewer will learn how to set up a sequence with proper settings, importing pictures, rendering, and exporting the finished product.

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question