I use a straightforward tunnel to open access to port 80 on a per IP basis.

So I have an alias for a range of addresses and then a tunnel - an example for one is 
shown:

Alias
-------
nn     EXTERNAL             nnn.nnn.nnn.115  255.255.255.255

Filter
--------
nn     TCP       nnn.nnn.nnn.115  80     yyy.yyy.yyy.115    80     filter

This works a treat, and restricts the ports to just that named (i.e. 80).

However, I have been asked to block an address range for all port 80 access, so I 
created an object as follows:

 3      Blocked80_List - Addresses Blocked By Firewall
              Index  Type   Beginning        Ending         
              -----  -----  ---------------  ---------------
              1      host   nnn.nnn.nnn.nnn (bad guy)

And I set this in the filters to prevent the blocked list from access as below - but 
it does not seem to have any effect.

     9 #Blocked List Filter
       Deny   "EXTERNAL" ALL  log
          from "Blocked_List"
            to "ANY_IP"

What am I doing wrong? Any clues, or is the failure because the tunnel is processed in 
such a way that the filter is not invoked (order of processing)?

Thanks in advance to the group for any help. 
Long may the group continue - some invaluable stuff comes through - even though I may 
not be using the features (YET!).

=======================================================================================
FAO: Moderator - Would it be possible to have my old address in the group list 
[EMAIL PROTECTED] changed to this one [EMAIL PROTECTED]? Thanks.
=======================================================================================


Best Regards,

Steve Leach
Network Manager
Miami International Limited
Eaglescliffe Logistics Centre
Durham Lane
Egglescliffe
URL: http://www.askalix.com
TEL: 01642 356205
e-mail: [EMAIL PROTECTED]

