Scenario:
We have to configure the firewall so that computers can access only a limited number of services on the Internet.
Step1>
First we need to configure the basic LAN and WAN settings on the firewall.
Step2>
To allow only particular ports, we define them as services. If a port is a well-known one, we can pick it from the predefined services; otherwise we have to create a new custom service. All of these services are then placed in one group.
Firewall → Service → Custom →
Click on Create New and enter the following details.
Similarly, we define multiple custom ports.
Step3>
Now we put all the ports that we want to use into a group.
To do so, go to
Firewall → Service → Group → Click on Create New and enter the following.
Click on OK.
Step4>
Now we need to define the policy.
To do so, go to
Firewall → Policy →
Click on Edit for the default policy.
Now, in the policy, instead of ANY services select the service group that we have defined, and click OK.
Once these settings are done, all other ports except the ones which we have defined in the group are blocked.
NOTE:
For access from outside as well, only the allowed services will be available.
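Steps 2 to 4 expressed as CLI configuration, as an added example that is not part of the original post. It assumes the device is a FortiGate (the menu paths above match its web interface) and that the default policy has ID 1; the custom service names, port numbers and group name are constructed placeholders, and the lines starting with `#` are annotations to leave out when pasting.

```text
# Step 2: custom services for ports that have no predefined entry
# (names and port numbers are constructed examples)
config firewall service custom
    edit "Custom-TCP-8080"
        set tcp-portrange 8080
    next
    edit "Custom-UDP-5000-5010"
        set udp-portrange 5000-5010
    next
end

# Step 3: one group holding every service that is to be allowed,
# predefined (HTTP, HTTPS, DNS) and custom alike
config firewall service group
    edit "Allowed-Outbound"
        set member "HTTP" "HTTPS" "DNS" "Custom-TCP-8080" "Custom-UDP-5000-5010"
    next
end

# Step 4: replace ANY in the default policy with the group
# (policy ID 1 is an assumption; check the ID of your own default policy)
config firewall policy
    edit 1
        set service "Allowed-Outbound"
    next
end
```

After applying it, review the policy list for any other accept policy that still uses ANY as its service, since traffic matching that policy would bypass the restriction.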