Connect a single device to T35 port with no restriction?

I looked through various online docs and forum posts and could not find a supported way to setup one port on a T35 with a single device on it that has unrestricted packet flow to/from the internet. I'm thinking this would be an easy task but do not want to risk the rest of the T35 security by mis-configuring a policy.

Basically there is a connectivity issue with a device product when it is connected via the normal policy enforcement. The logs are not showing anything obvious in DENYs. Rather than spend considerable time trying to do packet capture and troubleshooting, the single device can be put on its own segment with unrestricted access.

Is this possible?

Comments

  • Add an Any packet filter From: the IP addr To: Any-external
    Move this policy to the top of your policy list.
    To see packets allowed by a policy in Traffic Monitor, enable Logging on it

  • The reason I did not do this is that while researching setting up a DMZ, I found Fireware online references indicating that an Any-packet to Any External was not supported or would be ignored. Happy to try it though.

  • That info is wrong.
    Works just fine.

Sign In to comment.