Smart Firewall Rule
I´m looking for a smart way to define a firewall-rule that stops people from sitting in the localarea network with the internal network interface and at the same time connect to "for example hotspot" with the wireles network interface. Today I´m using a rule that , if the DHCP server ip adres is external and the DNS server ip adres is internal the Security level goes to Strict.
But this is based on that I define the external DHCP adresses that could occur. And thats not the best solution.
Anny tips /ideas would be grateful.
Sorry for the late reply!
I'm assuming you're talking about firewall autoselection feature. I'm suggesting the following configuration:
1) Define your internal networks' DHCP and DNS servers as argument1 and argument2 and make the rule to set the firewall level to (more relaxed) firewall level. (this is to ensure we're sure we're inside the company network.)
2) Repeat the step above for all the possible configurations your networks might have
3) Create a "catch-all" -rule at the bottom of the ruleset with argument1 and argument2 being "always" and "always" and make the firewall to go to "strict" firewall level.
Configuring the autoselection like this will ensure you're always on "strict" firewall level whenever you're not sure the user is specifically connected to only your internal network.
Usually the firewall ruleset to be used instead of the literal "strict" -level is "mobile" -level.
Hopefully this helps.0 Like