Posted by Wayne on March 5, 2007, 9:55 pm
> Hi friends,
>
> I just had a basic question on configuring Symantec 5620 firewall. I
> wanted to know what is the equivalent of Cisco command same-security-
> traffic permit intra-interface in Symantec firewall.
>
> The reason that I am asking is because the Symantec firewall is the
> default gateway of a LAN 192.168.0.0/24. Now, the firewall has a
> static route to reach 192.168.1.0 segment.
>
> So, other computers / servers whose default gateway is Symantec
> firewall will also talk to the 192.168.1.0 network through the
> Symantec firewall's static route to 192.168.1.0 network. Right now,
> they are not able to talk to 192.168.1.0 network unless I create a
> static route on the specific PCs / servers.
>
> Now how can I avoid adding static routes on the individual PCs /
> servers? There should be a feature to allow the firewall to pass
> traffic entering and exiting the same firewall's interface. The
> packets are entering the firewall's inside interface and leaving the
> firewall's inside interface. They are not touching the firewall
> interface's public or outside interface.
>
> Please advise.
>
> Thanks a lot
> Gautam
>
This will work, but in addition to adding the static route, you will need to
create a rule that will allow traffic FROM 192.168.0.0/24 TO 192.168.1.0/24
and select the protocol group (possibly "all" protocols).