Drop All From External IPs

I have read some posts about wanting to change the Deny All rule to a Drop All. I also understand that doing this causes things like DNS etc. to stop working. I see the want for this and would like to do it myself so that network scans etc. do not get any response back. I am wondering, if you create a rule just above the Deny All rule that is a Drop All from only the External interface, what kind of impact would it have? Would it break things like VPN connections etc.? I am just thinking that if the traffic was initiated externally and didn't match any rule, would it be OK to just drop the packets? I am curious to know if anyone has tried this or knows what kind of impact it would have. Thanks for your feedback!


Re: Drop All From External IPs

Hello,

The rule that you want to create does sound like the correct route to go, take a look at this KB article. It is actually for an upgrade from a previous product version, but most of it will apply.

Firewall Enterprise/Sidewinder/Secure Firewall 7.x: HA communication or NTP/DNS queries fail after upgrading from Classic/TSP to Firewall Enterprise KB64684

Note: if you create the drop rule and it is not matching the traffic, try setting a redirect for the rule. There are times when traffic with a destination of the firewall may not match a rule unless it has a redirect. If this is the case for you then I would suggest contacting support to report that.

-Matt
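The question above and Matt's reply come down to first-match rule ordering: a silent drop scoped to the external interface, placed just above the answered Deny All, only affects externally initiated traffic that nothing earlier allowed, so anything the firewall must still answer on that interface (VPN, return traffic for tracked sessions) has to be allowed above it. The following simulator is an added example, not code from the original thread or from Firewall Enterprise; the interface names, addresses, rule names and the "deny answers, drop stays silent" behaviour are assumptions made for illustration, and the Packet/Rule classes are a simplification of a stateful policy engine.

```python
"""First-match firewall policy simulator (constructed example).

Shows what a 'drop everything from the external interface' rule does when
it sits just above the final 'deny all', and why its position relative to
the VPN allow rules matters. Interface names, addresses and rule names are
assumptions, not Firewall Enterprise syntax.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    in_iface: str          # interface the packet arrived on
    src: str
    dst: str
    proto: str             # "tcp", "udp" or "esp"
    dport: Optional[int]   # None for protocols without ports (esp)
    established: bool      # True if it belongs to a session already in the state table


@dataclass(frozen=True)
class Rule:
    name: str
    action: str                       # "allow", "deny" (answered) or "drop" (silent)
    in_iface: Optional[str] = None    # None means "any" for every selector below
    proto: Optional[str] = None
    dport: Optional[int] = None
    dst: Optional[str] = None
    established: Optional[bool] = None

    def matches(self, p: Packet) -> bool:
        selectors = [
            (self.in_iface, p.in_iface),
            (self.proto, p.proto),
            (self.dport, p.dport),
            (self.dst, p.dst),
            (self.established, p.established),
        ]
        return all(want is None or want == have for want, have in selectors)


# What the sender observes: a deny answers (TCP RST or ICMP unreachable), a drop
# stays silent, so a scanner cannot tell a dropped port from an unused address.
RESPONSE = {"allow": "forwarded", "deny": "tcp-rst-or-icmp-unreachable", "drop": None}


def evaluate(rules: List[Rule], p: Packet) -> Tuple[str, Optional[str]]:
    """Return (name of the first matching rule, response the sender sees).
    Traffic that matches nothing falls through to an implicit, answered deny."""
    for r in rules:
        if r.matches(p):
            return r.name, RESPONSE[r.action]
    return "implicit-deny", RESPONSE["deny"]


FW_EXT = "203.0.113.1"   # constructed firewall external address
FW_INT = "10.0.0.1"      # constructed firewall internal address

POLICY = [
    # Return traffic for sessions the firewall already tracks, on any interface.
    Rule("allow-established", "allow", established=True),
    # Externally initiated services that must keep working: IKE, NAT-T and ESP for VPN.
    Rule("allow-vpn-ike", "allow", in_iface="external", proto="udp", dport=500, dst=FW_EXT),
    Rule("allow-vpn-natt", "allow", in_iface="external", proto="udp", dport=4500, dst=FW_EXT),
    Rule("allow-vpn-esp", "allow", in_iface="external", proto="esp", dst=FW_EXT),
    # Internal clients may query the firewall's own DNS listener.
    Rule("allow-int-dns", "allow", in_iface="internal", proto="udp", dport=53, dst=FW_INT),
    # The rule under discussion: silently discard whatever else arrives on external.
    Rule("drop-external", "drop", in_iface="external"),
    # Everything else, including internal traffic, still gets an explicit answered deny.
    Rule("deny-all", "deny"),
]


def misordered_policy() -> List[Rule]:
    """Same rules, but drop-external moved above the VPN allows (the mistake to avoid)."""
    drop = next(r for r in POLICY if r.name == "drop-external")
    rest = [r for r in POLICY if r.name != "drop-external"]
    return [rest[0], drop] + rest[1:]


# Constructed sample packets.
def scan_probe() -> Packet:          # unsolicited SYN from the Internet to the firewall
    return Packet("external", "198.51.100.7", FW_EXT, "tcp", 22, False)

def vpn_ike() -> Packet:             # remote peer starting an IKE negotiation
    return Packet("external", "198.51.100.9", FW_EXT, "udp", 500, False)

def dns_reply() -> Packet:           # answer to a query the firewall sent out earlier
    return Packet("external", "192.0.2.53", FW_EXT, "udp", 40000, True)

def internal_unmatched() -> Packet:  # internal host hitting a port no rule permits
    return Packet("internal", "10.0.0.55", "192.0.2.80", "tcp", 8443, False)


if __name__ == "__main__":
    for label, pkt in [("scan", scan_probe()), ("ike", vpn_ike()),
                       ("dns-reply", dns_reply()), ("internal", internal_unmatched())]:
        print(label, evaluate(POLICY, pkt))
    print("ike with drop rule placed too high:", evaluate(misordered_policy(), vpn_ike()))
```

With the drop rule in its intended position, the port scan is discarded without any answer, the IKE packet and the tracked DNS reply are still allowed because they match earlier rules, and internal traffic that matches nothing still reaches Deny All and gets an answered rejection. Moving the drop rule above the VPN allows silently kills new IKE negotiations, which is the kind of breakage the original question is worried about; the position of the rule, not its existence, decides that.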


Re: Drop All From External IPs

I will do some testing with it and see what happens.
