Firewall - Outbound rules

AlexanderDrago

Hello!

Can you tell me:

If you create a rule with Source 192.168.0.0/24 and Destination 192.168.20.1/32, does it apply in both directions or only from src to dst?

Or do I need to create a second rule in which source 192.168.20.1/32 sends packets to network 192.168.0.0/24?

Thank you

Rebry

Hi!

Rules seem to only work one way on my firewall, blocking everything from outside as standard.
ww

Yes, only 1 way. But almost no traffic/session works without two-way communication. To be sure, you can make rules for both sites/subnets.

So if I want the network to see the device and the device to see the network, I need to create two rules?

First Rule: Source 192.168.0.0/24 Destination 192.168.20.20/32

Second Rule: Source 192.168.20.20/32 Destination 192.168.0.0/24

And it doesn't matter if it's traffic between VLANs?

Am I right? It's like a standard firewall in iptables, etc.

Rules: yes! 😄

And no, different VLANs will not matter, as the firewall rule states that the VLANs can talk to each other.

I don't think you'll be able to "see" the devices automatically, as that is usually done with an ARP request (if you use a LAN scanner or something like that). But you will be able to directly ping the device on the other subnet.
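An added example, not posted by anyone in this thread and not Meraki code: a small first-match rule evaluator that runs the two rules quoted above and shows what happens to a new connection and to its reply with only the first rule versus both. The `Firewall` class, the host address 192.168.0.10, the default-deny fallback and the simplified per-IP-pair state table are assumptions for illustration; the thread does not say whether the firewall in question tracks connection state, so both modes are modelled.

```python
import ipaddress

# The two rules quoted in the thread, as (action, source, destination).
# First match wins; unmatched traffic is denied (assumed default).
RULES = [
    ("allow", "192.168.0.0/24", "192.168.20.20/32"),
    ("allow", "192.168.20.20/32", "192.168.0.0/24"),
]

def match(rules, src, dst):
    """Return the action of the first rule matching this src -> dst direction."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, rule_src, rule_dst in rules:
        if s in ipaddress.ip_network(rule_src) and d in ipaddress.ip_network(rule_dst):
            return action
    return "deny"

class Firewall:
    """Hypothetical model: optional state table keyed by (src, dst) only.
    Real connection tracking also keys on protocol and ports."""
    def __init__(self, rules, stateful):
        self.rules, self.stateful, self.flows = rules, stateful, set()

    def packet(self, src, dst):
        # A reply to a flow that was already permitted bypasses the rule list.
        if self.stateful and (dst, src) in self.flows:
            return "allow"
        action = match(self.rules, src, dst)
        if action == "allow" and self.stateful:
            self.flows.add((src, dst))
        return action

def demo(rules, stateful):
    """Replay three constructed packets between a LAN host and the device."""
    fw = Firewall(rules, stateful)
    host, device = "192.168.0.10", "192.168.20.20"  # host address is constructed
    return {
        "device_initiates": fw.packet(device, host),  # new flow, device -> network
        "host_initiates": fw.packet(host, device),    # new flow, network -> device
        "device_reply": fw.packet(device, host),      # answer to the host's flow
    }

if __name__ == "__main__":
    for label, rules in (("first rule only", RULES[:1]), ("both rules", RULES)):
        for stateful in (False, True):
            print(label, "stateful" if stateful else "stateless", demo(rules, stateful))
```

With only the first rule, the reply from the device is dropped in the stateless model and passed in the stateful one, while a connection started by the device is denied in both until the second rule exists.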