Outbound NAT + Access Policy (Firewall) Rule
i setup a NAT to collect all NTP traffic and route it to some dedicated servers on the WAN.
I also setup a firewall rule but this shows no hits but the NAT does.
Would an outbound NAT not need a firewall rule?
thanks for enlighten me. New firewall new questions :)
BWC Cybersecurity Overlord ✭✭✭
@ArminF to the best of my knowledge the LAN -> WAN Rule needs to be SRC: LAN / DST: ANY / SVC: NTP / Action: Allow.
This will allow any NTP Traffic but your NAT Rule will force the requests to your dedicated NTP Server.
The reason why your Rule is not showing any Hits, is probably because you set the Destination Address in your Rule to the enforced NTP Server, which is not correct, because Access Rules covering the traffic BEFORE NAT, therefore the Rule only hits for the original NTP Server, like time.windows.com etc.
The Alps... Wonderfull .. We do live in Switzerland.
Thanks for the hint with the Firewall Rule. Correct i set the Destination to the enforced NTP server.
Changed it now and will see if i got hits