Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 1993 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Traffic from internal network to internal address is being blocked?

Chris Jones9

Hi Community, 

i have a general question. I have some rules that allow internal network traffic to the internal network, like netbios for example. i now recognized that the traffic that is being sent to the UTM itself (which ist at 192.168.0.9) is being blocked. shouldn't  the rule "ALLOW INTERNAL NETWORK --> NETBIOS --> INTERNAL NETWORK" include the traffic that is sent to the UTM itself? or do i have to explicitly include the INTERNAL ADDRESS into the rules as allowed targets? see picture below.

so, does this make sense or is this rule bulls....: 

 

does this make any problems, if the internal address is not included in the sources and the targets of the rules, that only handle internal stuff? should i include the internal address always, when allowing traffic from internal to internal? i do not want to block out important internal things like internal dns resolution or lan traffic.  

 

notes: 192.168.0.12 is my pc where i sit right now, 192.168.0.115 is my raspberry pihole adblocker that forwards dns requests from the utm, 192.168.0.9 is the utm internal address.

when i enable to rule from above in the picture, the traffic to the UTM is being allowed of course.

 



This thread was automatically locked due to age.
Parents
  • 0

    You can nuke your firewall rule #3, Chris, as it has no effect - traffic within the subnet should never be directed to the MAC address of the NIC used by your Internal interface.

    The problem is that your PC is trying to send a NETBIOS Name Service query to the UTM.

    What device is doing DHCP?  Do you have an internal server doing that?  It should be handing out a correct WINS server.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hi, thank you for your answer. The UTM is doing DHCP (see my other thread that i just wrote about my settings in general), and there is set no WINS IP, so that seems to be the problem. 

    I deleted rule #3 now. 

Reply Children
No Data
Unfiltered HTML