04-18-2012 09:20 AM
We allow access to the web for vistors and deny access to internal reources. I am being asked to allow access to one server and a printer on the internal network while disallowing access to all other internal reources and keeping the access to the web. I created a policies to deny access to the internal reources. I created another policy to allow access to the server and the printer. I put that rule before the deny all internal resources.
04-27-2012 05:56 AM
It goes out to the internet. The public DNS gives the public IP. When it comes back to the server, it goes through a firewall and gets NATed to an internal IP address. In policies, I have all internal networks denied, but allow the IP addresses through before the denies. Do I have to set a static route on the controller to say that the source be the public IP to the destination of internal IP?