access from Trusted to Optional?

I understand how access from DMZ (optional) to trusted is blocked, but what about the other way around? It would seem like by default trusted should be able to have any access to DMZ - is that true? Or do I have to add a new access rule for every type of access?
E.g. if I put a web server on DMZ, and want to test and access it from trusted, do I need to add new rules for every type of access?
(http, https, ssh, ping, ...)

Comments

  • The default stance of WG firewall is that no traffic can go from 1 firewall interface to another without a policy allowing it.

    So you will need a policy to allow access From Trusted To Optional unless there is already a policy allowing the desired access.

  • Thanks, that is what I had inferred and found - so added the desired policies, and all is well.
