Forums

Resolved
0 votes
Hi,

I'm looking for a way to further restrict access to DMZ servers by source IP, i.e. only allow workers at our remote site to access the Lync server. I tried googling for this, but found nothing - even though it seems like a pretty basic thing to do.

I know this is not waterproof, but it should stop 99.9% of automated malware attacks. Is there way to do this with ClearOS?

Cheers!
In DMZ
Tuesday, January 31 2017, 10:57 AM
Share this post:
Responses (1)
  • Accepted Answer

    Tuesday, January 31 2017, 03:21 PM - #Permalink
    Resolved
    0 votes
    I would have thought you should be able to do it with a custom firewall rule or two, but I am unsure how firewalling is working with a DMZ. Can you give the output to:
    iptables -nvL
    iptables -nvL -t nat
    and please put the results between code tags.

    If your Lync server is only accessed by your remote site, why not connect the two sites by VPN? Then you don't have to expose the Lync server to the public at all.
    The reply is currently minimized Show
Your Reply