
Block Ip all ports

Hi all,

I've just started to learn how to use the UTM.

I cannot block an IP address from accessing the Internet after I inserted a new rule in the Firewall.

Sources: PC
Services: Any
Destinations: Internet
Action: Deny

I could insert a rule with iptables if I connect with ssh.

iptables -A INPUT -s IP-ADDRESS -j DROP

Can I create my firewall rule?

I don't want to do this with proxy or AD.

Thanks!

P.S.: Model ASG120 - v9.313-3


  • Hi, Albert, and welcome to the User BB!

    Is Web Filtering in a Standard or Transparent mode?  Do you have the FTP Proxy enabled?

    For more understanding of these sequence issues, see #2 in Rulz and consider the diagram attached to that post. I haven't tried this with outbound traffic, but you might try a DNAT of '{PC} -> Any -> Internet : to {non-existent IP}'.  Does that work?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • BAlfson said:
    Hi, Albert, and welcome to the User BB!

    Is Web Filtering in a Standard or Transparent mode?  Do you have the FTP Proxy enabled?

    For more understanding of these sequence issues, see #2 in Rulz and consider the diagram attached to that post. I haven't tried this with outbound traffic, but you might try a DNAT of '{PC} -> Any -> Internet : to {non-existent IP}'.  Does that work?

    Cheers - Bob
     

     

    Is this still the best way to block all internal traffic to a given host?

  • I'm confused by your question, Sean.  This thread was about blocking one internal IP from reaching the Internet.  Please be more precise about what it is you want to block.

    Cheers - Bob

     
  • BAlfson said:

    I'm confused by your question, Sean.  This thread was about blocking one internal IP from reaching the Internet.  Please be more precise about what it is you want to block.

    Cheers - Bob

     

     

    Sorry I wasn't clear.

     

    I want to block all traffic from my network to a specific IP, and would like to know if the solution proposed in this thread would be the most effective method to achieve this.

  • Not knowing anything about your setup, the quickest sure answer is to use a different NAT rule like 'Any -> Any -> {banned IP} : SNAT from {240.0.0.1}'.  If you don't want to see the blocks caused by this in the firewall log, select 'Automatic firewall rule'.  Did that work for you?

    Cheers - Bob

     