Team,
In short, I have 2 VLANs. 192.168.32.x and 172.16.1.y. All work well so far...
172.16.1.y will be DMZ, while 192.168.32.x will be internal network...
so I've created firewall rules on the mx64 to deny any access from 172.16.1.y/24 to 192.168.32.x/24. Saved.
... I can still ping the internal network from a computer i've added on the DMZ. What am I missing?
from 172.16.1.11:
the rule on the MX64:
there are NO other rules before this one with any Allow statement for icmp.
thanks in advance for your help.
tks
Rafa