I have a server and agent that I'm testing.
The configuration is:
agent = firewall
server = internal system
The internal system is being NAT'd to for mail and some other things.
What I want to have happen is firewall rules get dropped in for the
active-response, but they should be sent to the agent (firewall) not the
server.
I realize that's backwards about how it normally works; however, it
seems to me that having the "server" on the peripheral network isn't the
most secure way of doing this.
I will reconfigure it all if necessary, if that's the only way this will
really work well...
Thanks.
