Firewall rule for work question



  • I am going back to work and have to make firewall rule changes.  I have brought up interface 5 on my firebox 500.  I have give it a ip address of 192.168.19.x.

    This is just a precaution since I have been on short term disability and just going back to work.  I want to make sure that none of my traffic from my internal networks shows up at work.

    Right now I have the following configuration:
    RE0 - WAN
    RE1 - Internal / primary wireless 192.168.14.x
    RE2 - Secondary wireless (monitored for visitors and internal use)
    RE3 - Vonage (only device connected (IP scheme one device)
    RE4 - My workstation
    RE5 - My work laptop

    I am having two problems: 
    1.  My solar windows device monitor can't pull the status via IP or MID of the firewall to show the status
    2.  What rules do I need to build to make sure that interface 5 can only see the printer on RE1 and not else.  and don of the other interfaces can connect to my laptop.

    Any help with the rules would be very beneficial.
    RC



  • Here is what I have built so far

    • OPT4 net * WAN address * *   Work Segment

    *      TCP 192.168.14.x * OPT4 net * * Access to printer

    • ICMP 192.168.14.x * OPT4 net * * ping access to firewall

    • TCP OPT1 net * OPT4 net * * limiting access to 192.168.14.x

    • TCP OPT2 net * OPT4 net * * limiting access to 192.168.15.x

    • TCP OPT3 net * OPT4 net * * limiting access  to 192.168.17.x

    I hope I headed in the right direction.  I just want to make sure that the business and home network is completely separated.  I may have to make additions and subtractions based on the new equipment that I am issued.  Any thoughts on the direction that I am headed?
    RC


Locked