Asymmetric routing

Are the default zone firewall rules
NAT between zones?
If not do they now get stopped
Do to Asymmetric routing?

I had a look through the iptables in the WUI but am not familiar enough with it to be able to figure out if they are using NAT between the zones or not.

What I can say is that I use the default access rules for being able to access and work on things in the orange zone from computers in my green zone and that is still working fine with the change to CU169, so those default rules perform the same with CU169 as they did with many previous CU’s.

Does it work the same if you try to connect with host name?
Instead of IP.

I am accessing the computer in orange using ssh and for that I am always using the fully qualified hostname for the access.
So yes it works with a hostname for me.


(1) green to dmz response dmz to green = ok
(2) green to red to dmz response dmz to red to green = ok
(3) green to red to dmz response dmz to green = bad Asymmetric.

ssh being a tunnel not sure it would be affected.
So long as example (3) is not possible
the Default rule should be unaffected
Thank for your help

1 Like