
Security in network environment

 Hey all,

I am setting up a new network structure to raise security. Therefore I created a DMZ with a dedicated VLAN for my OpenVPN server. Login works fine - now I want to access my NAS (internal LAN). I am aware that this is a security risk and just wanted to ask how you would set up routing and firewalling between the DMZ and the internal network.

 

Thanks and br



This thread was automatically locked due to age.
  • If both DMZ and internal are on the UTM there's no need to do any routing.

    You just need to enable firewall rules allowing traffic from DMZ to LAN and vice versa if necessary. You can be as specific as you like and only allow certain ports or only allow traffic to a specific host in the LAN, so as to minimize the risk of allowing traffic to the LAN.


    Managing several Sophos firewalls both at work and at some home locations, dedicated to continuously improving IT-security and feeling well helping others with their IT-security challenges.
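
The scoping advice in the reply above, as an added example that is not part of the thread or of any Sophos tooling: a small first-match model of DMZ-to-LAN rules that compares a broad allow with a rule limited to one source, one host and one port. All addresses, the SMB port 445, and the assumption that VPN traffic reaches the firewall sourced from the VPN server's DMZ address are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    src: str      # source network (CIDR)
    dst: str      # destination network (CIDR)
    proto: str    # "tcp", "udp" or "any"
    ports: tuple  # allowed destination ports; empty tuple means any port
    action: str   # "allow" or "drop"

def decide(rules, src, dst, proto, port):
    """First matching rule wins; anything unmatched is dropped."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if (s in ipaddress.ip_network(r.src) and d in ipaddress.ip_network(r.dst)
                and r.proto in ("any", proto)
                and (not r.ports or port in r.ports)):
            return r.action
    return "drop"

# Constructed addressing (assumptions, not taken from the thread)
DMZ, LAN = "192.168.50.0/24", "192.168.1.0/24"
VPN_SRV, NAS = "192.168.50.10/32", "192.168.1.20/32"

# Broad rule: whole DMZ may reach the whole LAN on anything
BROAD = [Rule(DMZ, LAN, "any", (), "allow")]
# Scoped rule: only the VPN server may reach the NAS, only on TCP 445
SCOPED = [Rule(VPN_SRV, NAS, "tcp", (445,), "allow")]

# Constructed probe flows: (src, dst, proto, dst_port)
FLOWS = [
    ("192.168.50.10", "192.168.1.20", "tcp", 445),  # VPN server -> NAS file share (wanted)
    ("192.168.50.10", "192.168.1.20", "tcp", 22),   # VPN server -> NAS, other service
    ("192.168.50.10", "192.168.1.5", "tcp", 445),   # VPN server -> other LAN host
    ("192.168.50.77", "192.168.1.20", "tcp", 445),  # other DMZ host -> NAS
]

def exposure(rules):
    """Return the probe flows that the rule set lets through."""
    return [f for f in FLOWS if decide(rules, *f) == "allow"]

if __name__ == "__main__":
    for name, rules in (("broad", BROAD), ("scoped", SCOPED)):
        print(f"{name}: {len(exposure(rules))} of {len(FLOWS)} probe flows allowed")
        for flow in exposure(rules):
            print("   ", flow)
```
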
