Atkins, Dwane P wrote:
My question to all would be that since the DHCP address range and the
Lan interface are on the same subnet, would using rules to deny SSH do
us any good?
Yes.
Would the layer 2 access allow connection to the interface
and basically bypass the firewall rules or do rules get checked prior to
allowing access?
It won't block any layer 2 access to the firewall, but you can't access
any services with just layer 2 (and can't block L2 if you need the
firewall to be able to pass anything at all). If you block this on the
LAN interface for any source, and have disabled the antilockout, you're
in good shape.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
