Blocking traffic from one PC to another on the same subnet & also blocking traffic from PC to PC on different subnet

I'm running UTM 9 (Home) with 3 NICs, 2 of which are internal. Each of my internal NICs is on a different subnet. Most of my equipment is running on static IPs.


I would like to do the following:

1. I have some equipment running on the same subnet as my daily use laptop and desktop that I would like to block all traffic to and from.

2. I also run a work laptop on the second NIC that I would like to block from accessing anything running on the other subnet.


I have tried the following for testing purposes:


Created a FW rule to block all traffic from the laptop to the NAS, using definitions.

Tested: still allowing traffic.

Looked for automatic FW rules, but the only rule I had before the blocking rule was the auto VPN rule, for which I disabled "create automatic FW rule" and set it up manually, placing it in 3rd place; the blocking rule is now in 1st place.

Retested: still not blocking.

Disabled Intrusion, Web, Ping, ICMP; I don't have any DNATs.

Retested: still not blocking.

Any suggestions, examples would be appreciated.

  • The nature of a LAN is that all devices are supposed to be able to see all other devices. The appropriate solution is to put your PC on a different LAN, which also means a different subnet. This also includes changing the wiring so that your PC is isolated from the others, either on a separate physical LAN or on a VLAN.

    UTM has a unique configuration, because traffic that goes through the proxies will bypass the firewall rules. To preserve isolation, you have to implement blocks in every function module. Read the Wiki and some of the other posts in this forum for more information.
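The answer above makes a point that trips up many first-time firewall users: a packet filter on the gateway only ever sees traffic that is routed through the gateway, so a "block laptop to NAS" rule can never fire when both hosts sit in the same subnet (the switch delivers those frames directly after ARP resolution). The following is an added illustration, not code from the original poster or from Sophos UTM, that models the asker's topology (two internal NICs on separate subnets; the addresses, host names and rule list are assumptions) and shows which flows a gateway rule can actually affect. It models the packet-filter path only; the separate proxy bypass the answer mentions is not represented.

```python
import ipaddress
from dataclasses import dataclass

# Constructed topology modelled on the question: one UTM with two internal NICs,
# each on its own subnet. The addresses below are assumptions for illustration.
INTERNAL_NICS = {
    "eth1": ipaddress.ip_network("192.168.10.0/24"),  # daily-use laptop, desktop, NAS
    "eth2": ipaddress.ip_network("192.168.20.0/24"),  # work laptop
}

# Hypothetical hosts (assumed addresses, not from the original thread).
LAPTOP = "192.168.10.50"
NAS = "192.168.10.60"
WORK_LAPTOP = "192.168.20.50"


@dataclass(frozen=True)
class Rule:
    src: str     # network in CIDR form; a bare address means /32
    dst: str
    action: str  # "allow" or "drop"


# Ordered rule list, first match wins, mirroring what the poster configured:
# rule 1 blocks laptop -> NAS, rule 2 blocks the work subnet from the home subnet,
# rule 3 allows everything else.
RULES = [
    Rule(LAPTOP, NAS, "drop"),
    Rule("192.168.20.0/24", "192.168.10.0/24", "drop"),
    Rule("0.0.0.0/0", "0.0.0.0/0", "allow"),
]


def crosses_gateway(src_ip, dst_ip, nics=INTERNAL_NICS):
    """True when a packet from src to dst must be routed by the UTM.

    Two hosts inside the same subnet exchange frames directly over the switch,
    so the gateway never sees that traffic and none of its rules can drop it.
    """
    src = ipaddress.ip_address(src_ip)
    dst = ipaddress.ip_address(dst_ip)
    return not any(src in net and dst in net for net in nics.values())


def first_match(rules, src_ip, dst_ip, default="drop"):
    """Evaluate an ordered rule list the way a packet filter does: first match wins."""
    src = ipaddress.ip_address(src_ip)
    dst = ipaddress.ip_address(dst_ip)
    for rule in rules:
        if src in ipaddress.ip_network(rule.src) and dst in ipaddress.ip_network(rule.dst):
            return rule.action
    return default


def verdict(rules, src_ip, dst_ip, nics=INTERNAL_NICS):
    """What actually happens to a flow: the firewall only gets a say on routed traffic."""
    if not crosses_gateway(src_ip, dst_ip, nics):
        return "delivered on LAN (firewall never consulted)"
    return first_match(rules, src_ip, dst_ip)


if __name__ == "__main__":
    flows = [
        (LAPTOP, NAS),            # same subnet: rule 1 can never fire
        (WORK_LAPTOP, NAS),       # different subnet: rule 2 drops it
        (LAPTOP, "203.0.113.10"), # to the internet: rule 3 allows it
    ]
    for src, dst in flows:
        print(f"{src:>15} -> {dst:<15} {verdict(RULES, src, dst)}")
```

The first flow is the one the poster was testing: it is delivered by the switch regardless of the UTM's rule order, which is why moving the drop rule to first place changed nothing. Moving the NAS (or the laptop) onto its own subnet or VLAN, as the answer suggests, turns that flow into a routed one that the rule list can then drop.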

  • Thanks for your response, Douglas. My original intent was to buy some additional equipment, but I remembered reading something a while back that could block traffic using firewall rules, either using one NIC on the same subnet or a second NIC on a different subnet, so I figured I would see if it was possible before buying extra equipment.