Sangfor Community»Categories Products Network Secure (NGAF) Block ip on the same subnet in Sangfor firewall

Block ip on the same subnet in Sangfor firewall

views: 2836 | comments: 12 | added to Favorites 0
Lights on | 提示:支持键盘翻页<-左 右->
    组图打开中,请稍候......
Created: 14 Mar 2024 19:55

Summary:

Hi guys! Has anyone here tried blocking an IP on the same subnet? Then, only selected ones are allowed to access a specific IP?

Reply

jerome_itable Posted 25 Mar 2024 11:51
No, directly blocking an IP on the same subnet through the router's firewall typically isn't possible. Here's why:

    Subnet Traffic Flow: Devices on the same subnet communicate directly with each other, bypassing the router's firewall. The firewall is mainly for controlling traffic entering or leaving the subnet, not internal communication.

However, there are alternative approaches to achieve some level of control:

    Client-side Firewalls: You can configure individual device firewalls (Windows Defender Firewall, etc.) on the machines you want to restrict. This allows them to block incoming traffic from the specific IP on the subnet.

    VLANs (Advanced): If you have a managed switch that supports VLANs (Virtual LANs), you can segment your network into separate logical subnets. By placing specific devices on separate VLANs, you can control communication between them using firewall rules on the router for inter-VLAN traffic.

    Sangfor HCI Specific Tools (if applicable): If you're using Sangfor HCI, it's possible they offer specific tools or functionalities for managing internal network traffic within a subnet. Check their documentation for details.
Zonger Posted 19 Mar 2024 20:20
You can implement an Access Control List (ACL) to define traffic rules for a network. Initially, identify the IP addresses that should be permitted or blocked within the subnet. Then, configure the ACL to reject traffic from the blocked IPs while allowing traffic from the specified ones to access the designated IP. Ensure accurate subnet masking and precise ACL rule formulation to target the intended IP ranges effectively.
pmateus Posted 19 Mar 2024 16:58
Hi,

You can use Access Control Lists (ACLs) to block specific IP addresses. ACLs are a set of rules that control network traffic and can be configured to deny or permit traffic from certain IP addresses to enhance network security.

Enrico Vanzetto Posted 19 Mar 2024 16:18
Hi, you can try to establish an Access Control List (ACL) to outline the required traffic rules. Initially, pinpoint the IP addresses that should be permitted and blocked within the subnet. Next, set up the ACL to reject traffic from the blocked IPs while allowing traffic from the chosen ones to access the specific IP. Make sure to apply correct subnet masking and precision in the ACL rules to precisely target the intended IP ranges.
mdamores Posted 19 Mar 2024 13:47
You need to create policies thru Access control List or ACL to allow/deny access to certain IP address on the same subnet
Tayyab0101 Posted 19 Mar 2024 13:41
can be achieved by using ACL.
Farina Ahmed Posted 19 Mar 2024 13:35
Create an access control list (ACL) to define the desired traffic policies. First, identify the IP addresses to be blocked and allowed within the subnet. Then, configure the ACL to deny traffic from the blocked IPs while permitting traffic from the selected ones to reach the specific IP. Ensure proper subnet masking and specificity in the ACL rules to accurately target the desired IP ranges.
Prosi Posted 17 Mar 2024 18:42
Clients do not even go through the firewall when they are accessing others in the same subnet.
Newbie517762 Posted 15 Mar 2024 12:23
HiHi,

Please try to add the IP address to the Global Blacklist.
See the below information for your reference:
In NGAF Platform\SOC\Blacklist\Global Blacklist.