You have to think from the firewall's perspective. You want to make rules that allow the smallest amount of traffic you can, and have a default deny rule at the bottom. This means you should normally apply firewall rules to the interface the traffic comes in on. In most cases, you want to apply firewall rules as close to the source of traffic as possible. UniFi Firewall rules are grouped by the interface, and the direction. This allows us to use the network separations we made, and apply security and traffic policies to them. Once you have your VLANs and subnets setup, the next big thing to look at is firewall rules. Now that I covered VLAN and subnet basics, I want to get a little more practical. UniFi Firewall Basics: DNS for a Guest Network Firewall Rule Interface and Direction
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |