EFW Support

Support => General Support => Topic started by: maguila on Sunday 08 July 2012, 06:26:48 am



Title: Two WAN connections and 3 Subnets
Post by: maguila on Sunday 08 July 2012, 06:26:48 am
I need to isolate three environments for a development company. They have the following scenario:

RED ZONE MPLS connection with one of their customers,
RED ZONE Connection to internet
GREEN ZONE development/LAN environment
BLUE ZONE Testing environment
ORANGE ZONE Pre-Production environment

They want to isolate environments and give access to them in a granular manner, for example, from MPLS to pre-production or testing but not to development/LAN. Do I need to use blue, orange and green only and add an uplink to the red zone, or is it possible to do rules at interface level and not only by zones?


Title: Re: Two WAN connections and 3 Subnets
Post by: timupci on Wednesday 01 August 2012, 09:51:20 am
Well, you can isolate the Green, Blue, and Orange from each other. But as of right now I am having issues with forcing zones to travel a specific red connection. So the G/B/O networks may attempt to access the internet via the MPLS Red Connection.


Title: Re: Two WAN connections and 3 Subnets
Post by: trymes on Friday 03 August 2012, 12:07:56 am
Check the Policy Routing tab under "Network > Routing". I think this will allow you to do what you want. For example, you can force all outbound traffic from Green to one Red uplink and all outbound traffic from Blue and Orange to the other Red uplink.

Tom


Title: Re: Two WAN connections and 3 Subnets
Post by: maguila on Monday 06 August 2012, 06:31:59 am
Exactly. Since traffic to MPLS is to certain subnets, I added a static route to those subnets through the MPLS uplink and outgoing rules to accept all protocols and ports to those subnets too.