Re: Advanced firewall rules help please.

A block rule always takes priority over an allow rule. Once ports 80 and 443
are blocked, another rule exception will never un-block them.
Instead you have to make the same block rule not apply to the proxy server,
so that it will be exempt.
Create an Outgoing rule to block remote ports TCP 80 and 443, and in the
scope set two ranges for the remote IP address that exclude the proxy
server. Ignore the VPN tunnel IP addresses, as the firewall will not see
those.
So, for example, if your proxy server on the other side of the tunnel has an
IP address of 172.10.45.100, then the scope should be 0.0.0.0 - 172.10.45.99
and 172.10.45.101 - 255.255.255.255.
Simple!
Martin
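The scope calculation described in the post above, as an added example that is not part of the original post: it goes beyond the single-proxy case to handle several exempt addresses, adjacent addresses and the two ends of the IPv4 space. The function names are hypothetical, and the second address in the demo is constructed.

```python
import ipaddress

LAST_IPV4 = int(ipaddress.IPv4Address("255.255.255.255"))


def scope_ranges_excluding(exempt_hosts):
    """Return (start, end) IPv4 ranges that cover every address except exempt_hosts."""
    # De-duplicate and sort so the gaps can be walked in one pass.
    exempt = sorted({int(ipaddress.IPv4Address(h)) for h in exempt_hosts})
    ranges = []
    cursor = 0  # lowest address not yet covered or exempted
    for host in exempt:
        if host > cursor:
            ranges.append((cursor, host - 1))
        cursor = host + 1
    if cursor <= LAST_IPV4:
        ranges.append((cursor, LAST_IPV4))
    return [(str(ipaddress.IPv4Address(a)), str(ipaddress.IPv4Address(b)))
            for a, b in ranges]


def is_in_scope(address, ranges):
    """True if the block rule's remote-address scope matches this address."""
    value = int(ipaddress.IPv4Address(address))
    return any(int(ipaddress.IPv4Address(a)) <= value <= int(ipaddress.IPv4Address(b))
               for a, b in ranges)


if __name__ == "__main__":
    # Proxy address from the post, plus one constructed second exempt host.
    for hosts in (["172.10.45.100"], ["172.10.45.100", "172.10.45.101"]):
        ranges = scope_ranges_excluding(hosts)
        print(hosts, "->", ", ".join(f"{a} - {b}" for a, b in ranges))
        # Sanity check before entering the ranges into the rule's scope:
        # the exempt hosts must fall outside every range.
        assert not any(is_in_scope(h, ranges) for h in hosts)
```
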