skandshus
Contributor

Intervlan routing allow A>B but Block B>A

Hey everyone, can anybody share some experience on how they achieved a setup with inter-VLAN routing where VLAN A can access B but B cannot access A?

 

In my Ubiquiti world, where I come from, I was able to push a firewall rule stating that established & related traffic was allowed, and then I blocked B to A.

That way A was able to access B and B was allowed to reply, but B was never able to start the connection.

0 Kudos
3 Replies
PhoneBoy
Admin

It works exactly the same way in Check Point.
You define an Access Policy rule that allows A to talk to B on the desired ports/services.
This allows reply traffic from B only if A initiated the connection.
B cannot initiate a connection to A unless there is an explicit rule allowing it.

0 Kudos
skandshus
Contributor

That’s nice. So if I ever needed bidirectional access, I would have to make explicit rules allowing A to B and B to A, otherwise it would not happen?

 

0 Kudos
CSR
Contributor

Yes @skandshus, everything will be blocked until you open/configure the relevant policy.

0 Kudos
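A simplified model of the behaviour described in the replies above (one-way A to B access, then the explicit B to A rule needed for bidirectional access), as an added example that is not part of the original thread and is not Check Point's implementation. The subnets, ports and the `StatefulFirewall` class are assumptions made for illustration; TCP flags and timeouts are not modelled.

```python
import ipaddress

# Constructed sample subnets standing in for the two VLANs (assumptions).
VLAN_A = ipaddress.ip_network("10.0.10.0/24")
VLAN_B = ipaddress.ip_network("10.0.20.0/24")

class StatefulFirewall:
    """Toy first-match rulebase with a connection table and an implicit drop."""

    def __init__(self, rules):
        self.rules = rules        # list of (src_net, dst_net, dst_port, action)
        self.connections = set()  # tuples of connections that a rule accepted

    def handle(self, src, sport, dst, dport, proto="tcp"):
        s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        # Reply traffic: the mirrored tuple of a connection already accepted.
        if (d, dport, s, sport, proto) in self.connections:
            return "accept (reply)"
        # Later packets of a tracked connection, in the original direction.
        if (s, sport, d, dport, proto) in self.connections:
            return "accept (established)"
        # New connection: the first matching rule decides.
        for src_net, dst_net, port, action in self.rules:
            if s in src_net and d in dst_net and dport == port:
                if action == "accept":
                    self.connections.add((s, sport, d, dport, proto))
                return action
        return "drop"  # no rule matched, so the connection is not allowed

def demo():
    # Only rule: VLAN A may open HTTPS connections to VLAN B.
    fw = StatefulFirewall([(VLAN_A, VLAN_B, 443, "accept")])
    results = [
        fw.handle("10.0.10.5", 50000, "10.0.20.8", 443),  # A opens to B
        fw.handle("10.0.20.8", 443, "10.0.10.5", 50000),  # B answers A
        fw.handle("10.0.20.8", 50001, "10.0.10.5", 443),  # B tries to open to A
    ]
    # Bidirectional access needs its own explicit rule for B to A.
    fw.rules.append((VLAN_B, VLAN_A, 443, "accept"))
    results.append(fw.handle("10.0.20.8", 50001, "10.0.10.5", 443))
    return results

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```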