Why can I only block HOST?

[HKNinja]

Hi all,

I am trying to block a network segment from my LAN to WAN. So, I started by creating a network object as below:

10.0.0.0/255.255.0.0 and 10.1.0.0/255.255.0.0.

Then, I group them into a Network Ojbect Group call "Stores".

Following, I go to the Firewall Access then add a new rule to LAN -> WAN.

Here is my problem. I am not able to select the Network Group as the source when I tried to create the rule. The only object listed in Source are "Host" objects. I have over 100 stores, creating a host for each of them is very time consuming. Why Sonicwall won't let me create the rule by the group of network? Am I missing something here? Any input is appreciated.

 

[sharper]

Hello,

What Zone have you assigned to the Network Objects that are in this group "Stores"?

The only Network Objects you will see in the "Source" list when modifing LAN -> WAN ruleset are those that you have put in the LAN zone.

Where are these "Stores" networks with regard to your firewall? Are they connected via VPN?. If so they need to be assigned to the VPN zone when they are created - the only rulesets that you can use to control traffic from these networksare: VPN -> LAN or VPN -> WAN or VPN -> <any other zone>.

Hope this helps,

Oscar.

 

[HKNinja]

I see, now it all make sense! Thanks!