I am trying to find a simple firewall rule where all LAN ports can see other LAN ports. Each LAN port is assigned its own DHCP subnet mask:
LAN1 - 192.168.1.0
LAN2 - 192.168.2.0
LAN3 - 192.168.3.0
LAN5 - 192.168.5.0
LAN7 - 192.168.8.0
I can make a firewall rule LAN1/ANY/LAN2, then LAN2/ANY/LAN1, and so on up to LAN7, but it is silly to make 50 rules. I even tried LAN1-7/ANY/LAN1-7 and it worked one way but not the other way...
I need to make sure any LAN can see any LAN.
For context, are all of your LAN ports part of the same LAN Zone?
In reply to FloSupport:
Yes, all LAN ports are on the same zone.
In reply to Brandon91:
Basically you can use LAN to LAN as a zone based rule.
If you want to be more specific, you need to go back to the whiteboard and think about the structure.
XG will drop traffic if it does not find any matching rule, and it uses first-match rules.
So you can do the following:
LAN to LAN with LAN1 to LAN2 with ANY Services allow
LAN to LAN with ANY to ANY with Service DNS allow
So LAN1 to LAN2 can talk with any services, and all LANs can talk DNS to each other, as an example.
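The first-match, default-drop behaviour described in the reply above can be checked with a small model. This is an added example, not part of the thread and not Sophos code: it evaluates only new connections inside the LAN zone, assumes /24 masks for the subnets listed in the question, and all names in it (`Rule`, `evaluate`, `unreachable_pairs`) are hypothetical.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Subnets from the question; the /24 mask is an assumption (the thread gives no mask).
LAN = {name: ipaddress.ip_network(cidr) for name, cidr in {
    "LAN1": "192.168.1.0/24", "LAN2": "192.168.2.0/24", "LAN3": "192.168.3.0/24",
    "LAN5": "192.168.5.0/24", "LAN7": "192.168.8.0/24"}.items()}
ANY = ipaddress.ip_network("0.0.0.0/0")
DNS = frozenset({("udp", 53), ("tcp", 53)})

@dataclass(frozen=True)
class Rule:
    name: str
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    services: Optional[frozenset]  # None means any service

# The two example rules from the reply, in evaluation order.
RULES = [
    Rule("LAN1->LAN2 any service", LAN["LAN1"], LAN["LAN2"], None),
    Rule("any->any DNS", ANY, ANY, DNS),
]

def evaluate(rules, src, dst, proto, port):
    """Return (action, rule name) for a new connection: first match wins, else drop."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if s in r.src and d in r.dst and (r.services is None or (proto, port) in r.services):
            return ("allow", r.name)
    return ("drop", "default drop")

def unreachable_pairs(rules, proto, port):
    """Ordered (source LAN, destination LAN) pairs that cannot open this service."""
    blocked = []
    for a, net_a in LAN.items():
        for b, net_b in LAN.items():
            if a == b:
                continue
            # Host .10 in each subnet is a constructed sample address.
            if evaluate(rules, str(net_a[10]), str(net_b[10]), proto, port)[0] == "drop":
                blocked.append((a, b))
    return blocked

if __name__ == "__main__":
    print(evaluate(RULES, "192.168.1.10", "192.168.2.10", "tcp", 445))
    print(evaluate(RULES, "192.168.2.10", "192.168.1.10", "tcp", 445))
    print(len(unreachable_pairs(RULES, "tcp", 445)), "subnet pairs blocked for tcp/445")
```

Replacing `RULES` with a single any-to-any, any-service rule makes `unreachable_pairs` return an empty list for every service, which is the behaviour the original poster asked for.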
In reply to LuCar Toni:
"LAN to LAN firewall rule. Source Network, Destination Network and Services set to Any" solved my question. Thank you.