Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 3136 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall 2.0 functionality (Sophos Enterprise Console)

jb1111

Hi.  I am using Firewall 2.0 clients and managing via the console.  I've looked through the various documents and have a  lingering question.  "Allow by default" - it says traffic which has no matching rule is allowed.  Does this mean all Outbound and Inbound are allowed?  I am looking for a setting that allows all Outbound but blocks most inbound (except what I have set in the rules).

:3380


This thread was automatically locked due to age.
Parents
  • 0

    Hello jb1111,

    if you use Block by default and add global rules allowing Outbound TCP and UDP this should do what you want (this will still block outbound traffic for the other IP protocol types). Or you could add "block inbound IP" as the last global rule.

    As to the events: what's the console log? Just checked SEC/View->Firewall Events ..., SEC/View Computer Details
     and the client's Firewall Log. They all show the direction. Could you give an example please?

    Christian

    :3387
Reply
  • 0

    Hello jb1111,

    if you use Block by default and add global rules allowing Outbound TCP and UDP this should do what you want (this will still block outbound traffic for the other IP protocol types). Or you could add "block inbound IP" as the last global rule.

    As to the events: what's the console log? Just checked SEC/View->Firewall Events ..., SEC/View Computer Details
     and the client's Firewall Log. They all show the direction. Could you give an example please?

    Christian

    :3387
Children
No Data
Unfiltered HTML