Home

Forums

Stories

Knowledge Base

Business Community > Controllers > Do I need to create a Gateway ACL in OC200 to block WAN Inbound?

< Controllers

Do I need to create a Gateway ACL in OC200 to block WAN Inbound?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Do I need to create a Gateway ACL in OC200 to block WAN Inbound?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Slapp39

2024-01-07 04:57:57

Posts: 11

Helpful: 16

Solutions: 1

Stories: 0

Registered: 2024-01-03

Do I need to create a Gateway ACL in OC200 to block WAN Inbound?

2024-01-07 04:57:57

Tags:

Model: OC200

Hardware Version: V3

Firmware Version: 5.12.9

I was looking through the examples of Gateway ACL rules and it isn't clear if by default the OC200 blocks all WAN traffic while also monitoring for all of the attacks enabled in the attack defense. In my previous Network Gateways there was an explicit rule set.

I don't have any inbound routes configured, so I would assume that the Gateway Attack Defense monitoring is protecting itself?

2 Reply

YuukiA

LV2

2024-01-07 06:40:19

Posts: 86

Helpful: 34

Solutions: 2

Stories: 0

Registered: 2022-12-13

Re:Do I need to create a Gateway ACL in OC200 to block WAN Inbound?

2024-01-07 06:40:19

@Slapp39

What did the actual log in Alert/Event show? If those packets already dropped, I don't think it's a problem to setup extra ACL to deal with it.

Slapp39

LV1

2024-01-08 14:07:09

Posts: 11

Helpful: 16

Solutions: 1

Stories: 0

Registered: 2024-01-03

Re:Do I need to create a Gateway ACL in OC200 to block WAN Inbound?

2024-01-08 14:07:09

@YuukiA I deleted the one error I saw, but it was something like "Gateway rejected ping from XYZ" It appeared to be one of the checks from the Settings --> Network Security -->Attack Defense --> Block Ping from WAN. Which is great. Also, since i have no "routes" configured the Gateway shouldn't pass anything on. So to touch on the original question. With 2 previous Gateway/Firewalls, I had to explicitly add in a rule that said to block traffic from WAN --> LAN. But in this case I think I am covered.

Do I need to create a Gateway ACL in OC200 to block WAN Inbound?

Do I need to create a Gateway ACL in OC200 to block WAN Inbound?

Information

Voters 0

Tags