Azure IaaS Lab – Proving the Firewall

This post is part of a series; for the series contents see:

Over the last few posts I’ve built a firewall and routed traffic through it – but does it work?

The routing part is easy enough to demonstrate with a simple trace route:

Firewall Tracert

At the moment the firewall is set to simply allow any traffic through, so the next logical step is to block something and prove that it’s doing its job.

First up, enable logging in Zentyal:

Firewall Logging.PNG

Then, configure a rule to block ping from the management VM to the DMZ web VM:

Firewall Rule.PNG

Send some ping traffic its way (it should fail):

Firewall Ping Fail

Finally, verify in the logs:

Firewall Log Entry.PNG
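
The same verification can be scripted rather than read off the log viewer. The example below is added here and is not from the original post; it assumes the firewall writes netfilter-style `KEY=value` log lines, and the `fw-drop` prefix, interface names and IP addresses are constructed placeholders to replace with the lab's own values.

```python
import re

# Constructed sample lines in netfilter LOG key=value format. The "fw-drop"
# prefix, interfaces and addresses are assumptions, not values from the post.
SAMPLE_LOG = """\
Mar  3 10:15:42 fw kernel: [101.1] fw-drop IN=eth1 OUT=eth2 SRC=10.0.1.4 DST=10.0.2.4 LEN=60 TTL=127 PROTO=ICMP TYPE=8 CODE=0 SEQ=10
Mar  3 10:15:47 fw kernel: [106.1] fw-drop IN=eth1 OUT=eth2 SRC=10.0.1.4 DST=10.0.2.4 LEN=60 TTL=127 PROTO=ICMP TYPE=8 CODE=0 SEQ=11
Mar  3 10:16:02 fw kernel: [121.4] fw-drop IN=eth1 OUT=eth2 SRC=10.0.1.9 DST=10.0.2.4 LEN=52 TTL=127 PROTO=TCP SPT=50122 DPT=445 SYN
Mar  3 10:16:05 fw kernel: [124.0] fw-log IN=eth1 OUT=eth2 SRC=10.0.1.4 DST=10.0.2.4 LEN=52 TTL=127 PROTO=TCP SPT=50130 DPT=80 SYN
Mar  3 10:16:09 fw kernel: [128.2] fw-drop IN=eth2 OUT=eth1 SRC=10.0.2.4 DST=10.0.1.4 LEN=60 TTL=63 PROTO=ICMP TYPE=0 CODE=0 SEQ=9
"""

FIELD = re.compile(r"\b([A-Z]+)=(\S+)")


def parse_line(line, prefix):
    """Return the key=value fields of a line carrying `prefix`, else None."""
    _, found, tail = line.partition(prefix + " ")
    return dict(FIELD.findall(tail)) if found else None


def check_block_rule(log_text, src, dst, prefix="fw-drop"):
    """Split drop entries into pings the rule was meant to block and the rest.

    Returns (matched, other): matched is the list of ICMP sequence numbers of
    echo requests (type 8) from src to dst; other lists (SRC, DST, PROTO) for
    every other dropped packet, which shows whether the rule is broader than
    intended.
    """
    matched, other = [], []
    for line in log_text.splitlines():
        fields = parse_line(line, prefix)
        if fields is None:
            continue  # not a drop entry (e.g. an allow/log line)
        is_echo_request = fields.get("PROTO") == "ICMP" and fields.get("TYPE") == "8"
        if is_echo_request and fields.get("SRC") == src and fields.get("DST") == dst:
            matched.append(int(fields.get("SEQ", -1)))
        else:
            other.append((fields.get("SRC"), fields.get("DST"), fields.get("PROTO")))
    return matched, other


if __name__ == "__main__":
    # Management VM and DMZ web VM addresses are placeholders.
    pings, rest = check_block_rule(SAMPLE_LOG, "10.0.1.4", "10.0.2.4")
    print("blocked echo requests (seq):", pings)
    print("other dropped traffic:", rest)
```

An empty `matched` list after a failed ping means the packets were lost somewhere other than the block rule, which is worth ruling out before trusting the result.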
