Firewall set to implicit deny, but NAT rule overrides this?

I'm setting up my new Route10, and as soon as I set up my first NAT rule, traffic was passed from the web to my internal server.

I thought the firewall was set up as an implicit deny, which would require me to also set up a firewall ‘allow’ rule for this NAT traffic to work?

A port forward (or redirect) rule will add the required NAT and firewall rules for the port forward to work. All other traffic inbound (input) or through (forward) the WAN zone is denied by default.

Welcome to the forum btw!

Thanks James. I’ll remember that one! If you wanted to take a secure approach, it should be disallowed by default until a relevant firewall rule is also in place, but I guess it just makes it easier for most cases.

Is there any easy way to only allow say 5 very different IPs through the NAT translation easily? It appears I can’t use groups, and the NAT translation rule only takes 1 source address or range. Would I have to create 5 separate firewall rules with a disallow rule at the bottom of the list?

Currently, you will need to add 5 separate NAT rules for each source.

We are looking at adding groups, but no ETA at the moment.

Makes sense - Thanks for your help