EFW Support

Support => General Support => Topic started by: Sizif on Monday 13 September 2010, 06:55:58 pm



Title: Block external access to a range of internal ports when sNAT is on.
Post by: Sizif on Monday 13 September 2010, 06:55:58 pm
This problem might seem trivial to EFW gurus, well - that's why I'm here.  :)

I have a range of 32 external IPs mapped to a host of machines in the internal network. All ports are open and visible from outside by external IP, and everything works fine, EFW 2.3.

However, I've noticed many unwanted connections from outside to ports 445 and 139.

I would like to add a rule to block all incoming connections from outside (RED interface), effectively allowing only GREEN traffic to connect to port 445 internally. I've set up a destination NAT rule, but it seems to be ignored - I still get incoming connections to port 445 from outside IPs.

What did I forget?