07-12-2012 11:06 AM
How are you?
I hope I can help solve my problem:
I have an SSG140 with 2 network segments. 172.31.114.0 and 172.31.115.0. I change the policy so that some equipment can be seen between network segments? As I can only specify https and https ports for those network segments? Thus not all ports are open.
I've always used the GUI
thank you very much
Solved! Go to Solution.
07-17-2012 05:04 AM
What zones are the network segments in? Trust to trust?
Just use the GUI to select the Policy and only allow traffic through on the https protocols.
Remember, the policy application in the GUI does not specify network to network within the actual choices, but zone to zone. Once you open the Policy from zone to zone you can choose the networks or hosts and protocols.
07-18-2012 07:29 AM
The two segments I have them in the same SSG140. In an interface is 172.31.114.0 and one for the 172.31.115.0
My network has grown, so I created two network segments.
I need some equipment only see each other, and not all. I have no idea how. I want to do for which there is less network traffic. Also specify the protocols.
Thank you very much for your support
07-18-2012 07:56 AM
Okay, I understand the interfaces, however, Policies are designed at the beginning via zones. So, the itnerfaces you mention will be bound to zones..... you can check within the
network / interfaces / list and then look at the zone those interfaces are in. If they are both in the trust zone then you need a "trust-to-trust" policy. Within the policy, choose the network, protocols and anything else you want to allow through.
The default zones are:-
Your organisation may have created other zones and placed the interfaces within those. You will need th zone names before you can create the Policy.
07-18-2012 01:02 PM
You mean I can create several groups (Policy> Policy Elements> Addresses> Groups), add users and within the policy (trust-trust) only allowed to see between groups I choose?
Thank you so much you support