Author Topic: How to Block WAN but Allow LAN (incl. or excl. SMTP) ?  (Read 194 times)

Offline patwwh

  • Newbie
  • *
  • Posts: 6
How to Block WAN but Allow LAN (incl. or excl. SMTP) ?
« on: August 22, 2022, 11:06:34 PM »
Hello, how should I set Firewall rulesets, so as to Block WAN but Allow LAN (incl. or excl. SMTP respectively) ?

Offline C.O.M.O.D.O RT

  • Comodo Staff
  • Moderator
  • Comodo's Hero
  • *****
  • Posts: 999
Re: How to Block WAN but Allow LAN (incl. or excl. SMTP) ?
« Reply #1 on: August 29, 2022, 06:33:46 AM »
Hi patwwh,

Thank you for reporting, kindly refer the below link
https://help.comodo.com/topic-72-1-766-9176-Network-Zones.html?af=7639

Thanks
C.O.M.O.D.O RT
« Last Edit: August 29, 2022, 06:40:31 AM by C.O.M.O.D.O RT »

Offline 5Lqep

  • Comodo Member
  • **
  • Posts: 40
Re: How to Block WAN but Allow LAN (incl. or excl. SMTP) ?
« Reply #2 on: September 18, 2022, 03:04:04 AM »
Hi patwwh,

Thank you for reporting, kindly refer the below link
https://help.comodo.com/topic-72-1-766-9176-Network-Zones.html?af=7639

Thanks
C.O.M.O.D.O RT

I don't understand the link. It doesn't tell how to define a zone for internet.
I also asked the question earlier here https://forums.comodo.com/firewall-help-cis/how-to-define-network-zone-for-internet-t128608.0.html

EDIT: I think he wants to only allow LAN. To do that use rule 192.168.0.2-192.168.255.254 then a rule block all other(Block IP IN/OUT Anyanyany)
« Last Edit: September 18, 2022, 08:27:47 AM by 5Lqep »

Offline panic

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 11825
  • Linux is free only if your time is worthless.;-)
Re: How to Block WAN but Allow LAN (incl. or excl. SMTP) ?
« Reply #3 on: September 18, 2022, 03:36:10 AM »
G'day,

I think there is a basic misunderstanding behind your request.

You say you want to

1. to Block WAN but Allow LAN (incl. or excl. SMTP respectively)
2. define a zone for internet

Firstly;
LAN = Local Area Network - with the emphasis on LOCAL. Your LAN is everything on the inside of your router/modem
WAN = Wide Area Network - pretty much everything on the other side of your router - www, email, FTP - all the good things.

If you block WAN and only allow LAN - you've just blocked all the good stuff.

Re. the other half of your original request whare you say "but Allow LAN (incl. or excl. SMTP respectively)", unless you are running an SMTP (email) server on the interior of your LAN and only ever send emails to other people on the inside of your LAN, all SMTP (outbound email) requests will need access to the WAN.

You can't have your cake and eat it too without getting exceptionally complex in your rules, zones and exceptions schema.

Without using terms like  LAN, WAN or SMTP, can you rephrase your request in plain English, explaining exactly what are you trying to achieve and I'll see what we can work out.

Cheers,
Ewen :-)
As your mums would say, "If you can't play nice with all the other kiddies, go home".
All users are asked to please read and abide by the  Comodo Forum Policy.
If you can't conform, don't use the forum.

 

Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek