Hi,
Until now, we've been Negating All_Internal_Networks group in the rulebase to refer to the internet, however you cannot negate a NAT rule...
So I have created an INTERNET group that contains the following IP-range objects:
Internet_Addressing1 = 0.0.0.1 to 9.255.255.255
Internet_Addressing2 = 11.0.0.0 to 172.15.255.255
Internet_Addressing3 = 172.32.0.0 to 192.167.255.255
Internet_Addressing4 = 192.169.0.0 to 255.255.255.254
My question is whether there is any value in excluding 0.0.0.0/8, 127.0.0.0/8, 169.254.0.0/16 and all the other private networks as defined in RFC5735? and should 255.255.255.255 be included or not?
Any suggestions would be welcome...
Thanks in advance,
----------------------------------------
Until now, we've been Negating All_Internal_Networks group in the rulebase to refer to the internet, however you cannot negate a NAT rule...
So I have created an INTERNET group that contains the following IP-range objects:
Internet_Addressing1 = 0.0.0.1 to 9.255.255.255
Internet_Addressing2 = 11.0.0.0 to 172.15.255.255
Internet_Addressing3 = 172.32.0.0 to 192.167.255.255
Internet_Addressing4 = 192.169.0.0 to 255.255.255.254
My question is whether there is any value in excluding 0.0.0.0/8, 127.0.0.0/8, 169.254.0.0/16 and all the other private networks as defined in RFC5735? and should 255.255.255.255 be included or not?
Any suggestions would be welcome...
Thanks in advance,
----------------------------------------