Nat , firewall rules and geo block

sk8erbendersk8erbender Member Posts: 74  Ally Member
Guys I have a question about NAT and firewall rules
Here is my NAT

Here is my firewall

The question is -

Do you need to make IPv4 destination to openvpn server, gateway and etc? Or just leave destination all and then goes the rules which I have ?

Comments

  • zyman2008zyman2008 Member Posts: 91  Ally Member
    edited February 27, 2018 6:23PM
    Although, use one firewall rule for all NATed services is possible.
    But from security point of view, it's better add different firewall rule for dedicated server with services.

    So that like this,
    source: allowed source, destination: server 1 private IP, service 1(ex. TCP 80)
    source: allowed source, destination: server 2 private IP, service 2(ex. TCP443)

  • sk8erbendersk8erbender Member Posts: 74  Ally Member
    zyman2008 said:
    Although, use one firewall rule for all NATed services is possible.
    But from security point of view, it's better add different firewall rule for dedicated server with services.

    So that like this,
    source: allowed source, destination: server 1 private IP, service 1(ex. TCP 80)
    source: allowed source, destination: server 2 private IP, service 2(ex. TCP443)

    Can you explain more on this?
    U see that I have 1 rule for GEO
    Then Geo block all

    and then goes rules like you said - WAN to LAN  source ANY destination server private IP service (ex TCP 80 )
  • sk8erbendersk8erbender Member Posts: 74  Ally Member
    Oh i think i see now those rules below just does not work..
Sign In to comment.