Rules for NAT router and Sygate Pro?

Discussion in 'other firewalls' started by taytong888, Mar 26, 2006.

Thread Status:
Not open for further replies.
  1. taytong888

    taytong888 Registered Member

    Joined:
    Mar 26, 2006
    Posts:
    138
    Hi,
    Newbie here. I got a XP Home SP2 with DI-624C router (DSL_PPPoE) and Sygate Pro. Here are my current rules but I would appreciate your suggestions on rules such that both firewalls work together. Thanks in advance.

    Router: Disable WAN ping. Other than this, firewall is not yet enabled. If I were to enable the hardware firewall, its top rule would block all incoming connections from WAN to LAN. I am concerned that this would interfere with Sygate rules below so I leave NAT fw inactivated for now. Any suggestions?

    Sygate:

    1) Allow incoming/outgoing ICMP types 0,8
    2) Allow incoming/outgoing traffic from/to all hosts on UDP remote ports 68,137 to/from UDP local ports 67,137
    3) Trust IP of ISP: allow incoming/outgoing traffic to/from all ports on IP protocol type 69 - 206
    4) Applications: allow ISP mail servers and Firefox, etc.
     
  2. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Enabling the firewall on the router would be the thing to do. This should not impact your Sygate rules.

    ICMP rules in Sygate would only apply to LAN systems for inbound, and permit outbound to the Internet. The router would deal with inbound ICMP from the Internet.

    These rules should be for you LAN subnet instead of all hosts.

    What is the purpose of this rule?

    Check that your client applications do not have "act as a server" selected, which I believe is the default in Sygate and will need to be changed.

    Regards,

    CrazyM
     
Thread Status:
Not open for further replies.