Need help Creating Rule for port access

bergg · February 26, 2007, 4:54pm

I am using the firewall on a personal server(2K3) and have been very pleased with the results. I

I have 4 IP’s for this machine, each IP being used to host a web site. In addition to web site hosting, 1 of the IP’s also runs a personal email program. The web sites use port 80, and the email program uses port 25 and 110. I have a rule for TCP/UDP inbound that allows access to ports 25,80, and 110 on the 4 IP’s. I want to tighten security by disabling port 25 and 110 on the 3 IP’s that only need port 80 inbound and do not need port 25 and 110.

My thouhgt was to modify the existiing rule to allow only port 80 access inbound on the 4 IP’s. I would then create a new rule to allow inbound access to ports 25 and 110 on the 1 IP that also has the email server. Will this approach work? If it will work, is there a better way to do it?

Any help appreciated

Little_Mac · February 26, 2007, 8:21pm

Provided you still have the default Block & Log All rule at the bottom of the Network Monitor, then yes, your idea should work fine.

If you have a rule for all 4 Destination IPs to Allow In on Destination Port 80, then you could add another rule for the 1 Destination IP to Allow In on (set of Ports) Destination Ports 25, 110.

As long as there are no other Allow In rules without Port settings to bypass, you should be set.

LM