Limit Server Internet Access to Specific IP Range
CEAdmin
Newbie ✭
On an NSa 4700, we would like to restrict the internet access of a specific application server on our internal network so that is can only reach a specific IP/IP Range/hostname. Is this possible with the app control or access rules within sonic OS, and if so...how?
Category: Firewall Security Services
Tagged:
0
Answers
Let me search for you:
No need, I already did. This says nothing about blocking all egress traffic except to a specific IP range or service. It just describes blocking by source, not destination.
Rules are processed top to bottom, first match wins.
Create a rule allowing what you want to allow. Create a rule blocking what you don't want to allow. Re-order the rules to suit.