topic Re: Access Policy local subnets in Spark Firewall (SMB)

Access Policy local subnets

Bazz_Tars — Wed, 10 Nov 2021 21:53:21 GMT

Hi

Need clarification please

I have the following local network LAN ports configured on a SMB 1530 and managed via smart 1 Cloud

- no vlan - no bridge , running as separate networks

port 2 - 192.168.8.254 /24

port 3 - 172.16.1.254 /24

port 4 172.16.2.254 /24

For these LAN subnets to communicate with each other:

1. Do I need to create an allow Access control rules between the subnets

2. Since I am doing HIDE NAT on the those subnets do I then need to add a manual NAT keeping the original source IP address ?

I did some initial tests and seems I can route between those subnets without the above in place

Just need to know what is best practice

Thank you

Re: Access Policy local subnets

PhoneBoy — Sat, 13 Nov 2021 00:41:59 GMT

Depends on this setting:

If you have it set to standard, it operates as it's working for you now.
If you have it set to strict, then you need to configure specific rules (both for access and NAT).

Re: Access Policy local subnets

the_rock — Sun, 14 Nov 2021 03:57:24 GMT

Set up brand new 1530 for customer recently, what phoneboy said is exactly right!

Re: Access Policy local subnets

Bazz_Tars — Sun, 14 Nov 2021 11:00:57 GMT

Hi PhoneBoy

I am managing the 1530 R80.20 from Smart-1 Cloud so using the Access Policy from there
would the same still apply?

thank you

Re: Access Policy local subnets

PhoneBoy — Mon, 15 Nov 2021 00:04:58 GMT

Is a similar screen accessible from the local appliance in that case?
I don’t have a centrally managed SMB appliance handy to check.

Re: Access Policy local subnets

G_W_Albrecht — Mon, 15 Nov 2021 06:38:37 GMT

No - you will only see the tabs:

- Home
- Device
- Users & Objects
- Logs & Monitoring

So all other configuration is managed from Cloud Dashboard.