From MyPC I’m able to ping every address, but not to open http://192.168.113.11
Instead, if I change the static address of my PC’s NIC to 192.168.113.101 and plug the cable directly into the server or into its switch, I can access the GUI with the same URL.
The server is configured with:
192.168.113.11/24
Gtw: 192.168.113.1
DNS 8.8.8.8,8.8.4.4
I have added the rule; I wrote about it before.
Obviously it is not enough.
But I don’t understand why, from the LAN (Green), I can access in the DMZ (Orange), for example, the SQL server, the Remote Desktop and other services without the need for rules.
And instead for port 80 I have to write one.
I believed that from the LAN (Green) I could access the DMZ (Orange) without problems and that the rules were necessary for access from the Internet (Red).
Found and solved!
The problem is related to Network Based Access Control.
When I moved IPFire from the test network to the production network, and therefore changed the addresses of the Green and Orange areas, the old address remained in the Allowed subnets field.
After changing this to the new subnet address, I am unable to access the server again.
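
An added example, not part of the original post and not IPFire's own code: a Python check that compares an Allowed subnets list with the current zone networks after a renumbering, reporting stale entries and zones that no entry covers. The Green network and the old test-network entries are constructed sample values; only 192.168.113.11/24 comes from the post.

```python
import ipaddress


def audit_allowed_subnets(zones, allowed):
    """Compare an 'Allowed subnets' list against the current zone networks.

    zones:   dict of zone name -> address/prefix (host bits are ignored)
    allowed: list of CIDR strings as entered in the access-control field
    Returns (stale, uncovered, invalid):
      stale     - entries that overlap no current zone (left over from an old network)
      uncovered - zones that are not fully contained in any entry
      invalid   - entries that do not parse as a network
    """
    zone_nets = {name: ipaddress.ip_network(cidr, strict=False)
                 for name, cidr in zones.items()}
    parsed, invalid = [], []
    for entry in allowed:
        try:
            parsed.append(ipaddress.ip_network(entry.strip(), strict=False))
        except ValueError:
            invalid.append(entry)
    stale = [str(net) for net in parsed
             if not any(net.overlaps(z) for z in zone_nets.values())]
    uncovered = [name for name, z in zone_nets.items()
                 if not any(z.version == net.version and z.subnet_of(net)
                            for net in parsed)]
    return stale, uncovered, invalid


# Constructed sample data: Green and the old test-network entries are assumptions.
ZONES = {
    "green": "192.168.10.1/24",      # assumed production LAN
    "orange": "192.168.113.11/24",   # DMZ network of the server in the post
}
OLD_ALLOWED = ["10.0.0.0/24", "10.0.1.0/24"]          # assumed test-network leftovers
NEW_ALLOWED = ["192.168.10.0/24", "192.168.113.0/24"]

if __name__ == "__main__":
    for label, acl in (("before", OLD_ALLOWED), ("after", NEW_ALLOWED)):
        stale, uncovered, invalid = audit_allowed_subnets(ZONES, acl)
        print(f"{label}: stale={stale} uncovered={uncovered} invalid={invalid}")
```
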