Block DMZ network from accessing LAN - not working

  • I have a block any from DMZ Subnet to Alias containing all LAN networks.

    The rule does not work. It's like it's not even there. I've trippled checked all the rules in the DMZ and it definitely appears like it would work.

    Any tips?

  • Ok… now I'm kinda weirded out. The rule below at the very top of the list on my LAN interface isn't doing anything. I can still ping servers in the DMZ. Help!

    Proto  Source  Port  Destination  Port  Gateway  Schedule  Description
    ICMP * * DMZ net * *

  • Wow… a reboot made it all better.

    Can someone explain why that was?

    Even when there were no states it was still allowed.....?

