All -
I looked through the existing posts and didn't find anything relating to this so if it is a repeat I apologize.
I've got IPFire up and running as an endpoint on an IPSec tunnel with a Palo Alto PA-220 and it works great. The only thing I had to do at the end was add a Firewall rule permitting all access from my local and remote networks. This is a proof-of-concept so I'm not worried about getting more granular yet - I'll jump that hurdle when I come to it.
What I AM wondering is this. I needed to add a Firewall Rule where I did the following rule:
Source address (network) - Remote Network range
NAT - Use NAT - Source NAT - New Source IP Address - GREEN
Destination address (network) - Local Network range
Protocol - All
Remark - A comment on my rule
I then clicked 'Add'.
Back at the Firewall Rules screen, it said 'Apply changes'. I did this and the firewall rule did not take effect. I gave it five minutes or so in case it just took a while but it never kicked in. I ended up having to reboot the server to get the rule to take effect.
Is this correct? Am I missing something else? I'd have expected 'Apply changes' to make the rule I added take effect.
Any suggestions? Obviously I'd prefer a different way of making the rule go active, but if this is what I have to do to use a 'free' product, then so be it.
I'm currently running version 2.21 x64 Core Update 127 on a VM in an ESXi environment in case that helps any.
Thank you in advance!!
Charles
Firewall Rules require server/service restart?
Re: Firewall Rules require server/service restart?
I never needed to reboot to get firewall changes active.
You might check the output of "iptables --list -n" before and after you apply your changes.
hth,
Lars
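Added example (not part of the original posts): `iptables --list -n` prints only the filter table, while a Source NAT rule is installed in the nat table, so a before/after comparison is more reliable on `iptables-save` dumps, which cover every table. The snapshot contents, addresses and chain names below are constructed for illustration and are not taken from an IPFire system.

```shell
#!/bin/sh
# On the firewall (as root), capture real snapshots with:
#   iptables-save > before.rules ; click 'Apply changes' ; iptables-save > after.rules

# Reduce a dump to sorted "table: rule" lines. Chain policy lines are
# skipped because their packet/byte counters change on every dump.
normalise_rules() {
    awk '/^\*/  { table = substr($0, 2); next }
         /^-A / { print table ": " $0 }' "$1" | LC_ALL=C sort
}

# Print rules present in snapshot $2 but missing from snapshot $1.
rules_added() {
    _b=$(mktemp) _a=$(mktemp)
    normalise_rules "$1" > "$_b"
    normalise_rules "$2" > "$_a"
    LC_ALL=C comm -13 "$_b" "$_a"
    rm -f "$_b" "$_a"
}

# Constructed sample snapshots: the only change is one SNAT rule in *nat.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/before.rules" <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
-A FORWARD -s 10.20.0.0/24 -d 192.168.1.0/24 -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
COMMIT
EOF
cat > "$SAMPLE_DIR/after.rules" <<'EOF'
*filter
:INPUT DROP [12:840]
:FORWARD DROP [0:0]
-A FORWARD -s 10.20.0.0/24 -d 192.168.1.0/24 -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [3:180]
-A POSTROUTING -s 10.20.0.0/24 -d 192.168.1.0/24 -j SNAT --to-source 192.168.1.1
COMMIT
EOF

rules_added "$SAMPLE_DIR/before.rules" "$SAMPLE_DIR/after.rules"
```

An empty result after 'Apply changes' means the ruleset was not reloaded; a line tagged `nat:` means the rule is loaded and the problem lies elsewhere.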