Go to the "Rules" tab within the "Access" tab.
Create a rule as follows:
Action: Deny
Service: Default
Source: WAN, and the IP address or range that you wish to prevent
connections from
Destination: LAN, leave the range set at *
Then click the "Add Rule" button and restart your SonicWall.
Note: These instructions assume that you are attempting to keep someone who
is outside of your LAN from gaining access to your LAN. I am also assuming
that you do not have any rules that explicitly allow access to certain
services for groups that could include the address range in question. Rules
of this type will only deny incoming sessions. If you need to deny sessions
that originate from inside your LAN, you will need to set up a rule that
does so. This would be done by making the "Source" your LAN and the
necessary range of IPs and making the "Destination" the WAN and the specific
address(es) that you wish to deny.
An additional thought: Remember that the best security approach is to deny
everything and then explicitly allow only those services that you have
identified as necessary and consistent with your written security policy. If
you have taken this approach, you probably don't need a rule that addresses
a specific IP problem; no services from any IP will be allowed to establish
an incoming session. Your ruleset need not be very large at all!
Good Luck!
Dean A. Luethje, Sysadmin
Bell Paper Box, Inc.
...Any opinions expressed are mine alone and do not reflect official company
opinion or policy
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of John Turner
Sent: Wednesday, August 02, 2000 8:44 AM
To: [EMAIL PROTECTED]
Subject: SonicWall Rule Denying Specific IP Address
Hello all.
Need the help of any SonicWall mavens on the list. Does anyone know how to
write a SonicWall rule which will deny all connections, TCP/UDP/ICMP from a
specific IP address?
I want to deny from ANY to ANY, IP address = 206.143.57.92 (hypothetical
address).
Is it a variation on a default setting? It's for a SonicWall Soho.
Thanks in advance for any assistance. JPT
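
An added example, not part of the original messages and not SonicWall code: a check for the assumption stated in the reply's note, that no allow rule covers the address being blocked. The rule dictionary format and the sample ruleset are constructed for illustration; the script only flags overlaps and does not model how the firewall orders its rules.

```python
import ipaddress

def to_network(spec):
    """Turn '*', a single address, or a CIDR range into an ip_network."""
    return ipaddress.ip_network("0.0.0.0/0" if spec == "*" else spec, strict=False)

def audit_block(rules, blocked):
    """Return (covered, conflicts) for a WAN->LAN block of `blocked`.

    covered   -- True if a deny rule blocks every service from the whole range
    conflicts -- allow rules whose source could include the blocked range
    """
    target = to_network(blocked)
    covered, conflicts = False, []
    for rule in rules:
        if rule["src_zone"] != "WAN" or rule["dst_zone"] != "LAN":
            continue  # only incoming sessions are in scope here
        src = to_network(rule["src"])
        if rule["action"] == "deny":
            # Must match the rule from the reply: Service Default, Destination *
            if target.subnet_of(src) and rule["service"] == "Default" and rule["dst"] == "*":
                covered = True
        elif src.overlaps(target):
            conflicts.append(rule)
    return covered, conflicts

def rule(action, service, src, dst="*"):
    """Build one incoming (WAN -> LAN) rule in the constructed format."""
    return {"action": action, "service": service, "src_zone": "WAN",
            "src": src, "dst_zone": "LAN", "dst": dst}

# Constructed ruleset; 206.143.57.92 is the hypothetical address from the question.
SAMPLE_RULES = [
    rule("allow", "HTTP", "*", "192.168.1.10"),
    rule("allow", "FTP", "206.143.57.0/24", "192.168.1.20"),
    rule("allow", "SSH", "198.51.100.0/24", "192.168.1.30"),
    rule("deny", "Default", "206.143.57.92"),
]

if __name__ == "__main__":
    covered, conflicts = audit_block(SAMPLE_RULES, "206.143.57.92")
    print("deny rule covers the address:", covered)
    for r in conflicts:
        print("review allow rule:", r["service"], "from", r["src"], "to", r["dst"])
```

Each flagged allow rule is one to review against the note's assumption before relying on the deny rule alone.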
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]