SMA 400
Hi All,
This is my first time deploying a SMA and it is quite easy. However, I have doubts and wonder if the community can help me.
I have configured my Lab SMA behind my firewall configured like this:
I can sign in to the virtual portal when I type the domain name, if I type the WAN IP, another portal comes up (looks like management), the domain is name LocalDomain, and only accepts the administrator password.
- How I can block people from seeing the admin portal typing my WAN IP?
-Is this scenario following the good practice of deployment?
My understanding is the SMA does not do routing, I configured the port X0 for the DMZ traffic between the Firewall and SMA, and the port X2 as local management.
-Is it recommend to instead of giving to the DMZ zone to access the LAN, connect the port X3 on the SMA to the LAN and define a static route in SMA?
Thank you!
Answers
Move the Management portal to a different port Add firewall rule to permit only a "whitelisted" range and port
create another portal for what services you are making available
Thank you, this information helped a lot.
I've created two portals (contractor and TestVirtual). Is it possible to reach both portals from the WAN using only one interface (X0)?
I can't imagine another way other than connecting the SMA ports X1, X2 or X3 to my firewall (DMZ) and setting up another zone with port forward and rules.