Why are my networks not segmented?

edited February 22 in Firebox - Other

Hi All,

Model T10-W
Version 11.12.1.B522519

1 Trusted General Office 192.168.25.1/24
2 Trusted Point-Of-Sale 192.168.29.1/24

From a computer on 192.168.25.0/24:

zenmap: nmap -sn -T4 192.168.29.0/24
Starting Nmap 7.98 ( https://nmap.org ) at 2026-02-21 17:28 -0800
Nmap scan report for 192.168.29.1
Host is up (0.0010s latency).
Nmap scan report for 192.168.29.100
Host is up (0.0030s latency).
Nmap done: 256 IP addresses (2 hosts up) scanned in 11.57 seconds

AAAHHHHH!!!!! These are supposed to be segmented. What am I doing wrong?????

Setting up the following firewall rule fixed it, but why was it necessary?

Yours in confusion,
-T

Comments

  • edited February 22

    If you have policies with To: and/or From: Any-trusted or Any, those will potentially allow traffic between different firewall interfaces or VLANs.

    Options include:
    1) reviewing your policies which may allow these undesired connections from 1 firewall interface to another - and replacing Any-trusted or Any with a different From/To interface name or alias.

    2) change the interface type from Trusted to something else, such as Optional or Custom, on the Point-Of-Sale interface AND make sure that traffic between your 2 interfaces is allowed as desired by new or modified policies
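
The reply above describes first-match policy evaluation with interface aliases (Any, Any-Trusted, Any-External) and two ways to close the gap. The following is an added worked example, not WatchGuard code and not the original poster's configuration: a small model of that evaluation, a lint that flags allow policies whose From and To expand to two different internal interfaces, and the two options from the reply applied to a constructed policy set. The interface names, the alias expansion rules, the sample policies and the sample addresses are assumptions chosen to mirror the thread's two Trusted subnets.

```python
"""First-match firewall policy model with interface aliases.

Added illustration for the thread above; not WatchGuard code and not the
poster's configuration.  Interface names, alias expansion and the sample
policies are assumptions that mimic the thread's setup.
"""
import ipaddress
from dataclasses import dataclass

# Assumed interface table: name -> (type, network).  Two Trusted interfaces
# as in the original post, plus an external uplink.
INTERFACES = {
    "General-Office": ("Trusted", "192.168.25.0/24"),
    "Point-Of-Sale": ("Trusted", "192.168.29.0/24"),
    "External": ("External", "0.0.0.0/0"),
}


@dataclass(frozen=True)
class Policy:
    name: str
    src: tuple       # From: aliases or interface names
    dst: tuple       # To: aliases or interface names
    services: tuple  # e.g. ("ping",), ("tcp/443",), ("any",)
    action: str      # "allow" or "deny"


def expand_alias(alias, interfaces):
    """Expand one From/To entry into the interface names it covers:
    'Any' is every interface, 'Any-<type>' every interface of that type."""
    if alias == "Any":
        return set(interfaces)
    if alias.lower().startswith("any-"):
        want = alias[4:].lower()
        return {n for n, (kind, _) in interfaces.items() if kind.lower() == want}
    return {alias} if alias in interfaces else set()


def interface_for(ip, interfaces):
    """Longest-prefix match of ip against the interface networks."""
    addr = ipaddress.ip_address(ip)
    best = None
    for name, (_, cidr) in interfaces.items():
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[1].prefixlen):
            best = (name, net)
    return best[0] if best else None


def _expand_all(entries, interfaces):
    return set().union(*(expand_alias(a, interfaces) for a in entries))


def evaluate(policies, src_ip, dst_ip, service, interfaces=INTERFACES):
    """Return (action, policy name) for the first matching policy,
    or ('deny', 'implicit-deny') when nothing matches."""
    sin, din = interface_for(src_ip, interfaces), interface_for(dst_ip, interfaces)
    for p in policies:
        if (sin in _expand_all(p.src, interfaces)
                and din in _expand_all(p.dst, interfaces)
                and ("any" in p.services or service in p.services)):
            return p.action, p.name
    return "deny", "implicit-deny"


def audit_cross_segment(policies, interfaces=INTERFACES):
    """Names of allow policies that let one internal interface reach a
    different internal interface; these are the ones joining segments."""
    internal = {n for n, (kind, _) in interfaces.items() if kind != "External"}
    flagged = []
    for p in policies:
        if p.action != "allow":
            continue
        srcs = _expand_all(p.src, interfaces) & internal
        dsts = _expand_all(p.dst, interfaces) & internal
        if any(s != d for s in srcs for d in dsts):
            flagged.append(p.name)
    return flagged


# Assumed "before" policy set: To: Any on the Ping policy covers every
# Trusted interface, so ping crosses between the two subnets.
BEFORE = (
    Policy("Ping", ("Any-Trusted",), ("Any",), ("ping",), "allow"),
    Policy("Outgoing", ("Any-Trusted",), ("Any-External",), ("any",), "allow"),
)

# Option 1 from the reply: replace Any with a narrower To: alias.
OPTION1 = (
    Policy("Ping", ("Any-Trusted",), ("Any-External",), ("ping",), "allow"),
    Policy("Outgoing", ("Any-Trusted",), ("Any-External",), ("any",), "allow"),
)

# Option 2 from the reply: make Point-Of-Sale Optional instead of Trusted.
INTERFACES_OPT = dict(INTERFACES, **{"Point-Of-Sale": ("Optional", "192.168.29.0/24")})

if __name__ == "__main__":
    office, pos = "192.168.25.50", "192.168.29.100"   # constructed sample hosts
    print("before, office->pos ping :", evaluate(BEFORE, office, pos, "ping"))
    print("option 1, office->pos ping:", evaluate(OPTION1, office, pos, "ping"))
    print("option 2, office->pos ping:", evaluate(BEFORE, office, pos, "ping", INTERFACES_OPT))
    print("option 2, pos->office ping:", evaluate(BEFORE, pos, office, "ping", INTERFACES_OPT))
    print("policies joining segments :", audit_cross_segment(BEFORE))
```

Running it shows why the reply couples option 2 with "make sure that traffic between your 2 interfaces is allowed as desired by new or modified policies": with the Point-Of-Sale interface switched to Optional but the Ping policy still reading To: Any, the Office side can still reach the POS subnet (the reverse direction is blocked because POS no longer falls under Any-Trusted). Only the explicit From/To change in option 1 makes the audit come back empty in both directions.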

  • Thank you!
