Firebox in Front of Servers with no NAT
I want to put a Firebox in front of my servers running on Hyper-V. I would like to not use NAT. I think what I am looking for is transparent mode so the Firebox would be placed between the servers and the network. The goal is that I want a policy that will alert me if anyone tries to RDP or use other ports that I wish to block. I saw that it has Drop-in mode but no examples on how to connect it into your network. I did this with pfSense where the server was coming into one interface and then out another interface connected to the network. I could then see all traffic flowing and did not have to touch any network settings. But pfSense cannot alert so I am wondering how to do it with WatchGuard.
Comments
Drop-in mode or bridge mode is probably what you are looking for. Here is an example on how you would connect your network: https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/networksetup/net_config_dropin_about_c.html
Just as the name says, you put the firewall between your gateway and the switch with your servers.
In a more advanced setup, you could go for the mixed routing mode and use the same VLAN on multiple interfaces and activate the "intra-VLAN policies" to filter traffic: https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/networksetup/vlan_example_1vlan_2switches_c.html?Highlight=intra-vlan