Some of your internal users are complaining that they can’t get to the mail server at 10.6.7.22.
Looking at the firewall rulebase in the exhibit, what is the problem?
A.
You don’t have a rule allowing traffic to the host at 10.6.7.22.
B.
Rule 20 blocks traffic from an internal subnet to hosts on 10.6.7.0/24.
C.
No traffic has matched rule 30.
D.
You don’t have a rule allowing mail traffic to subnet 10.6.7.0/24.
when the 1st rule is matching, will the 2nd rule takes place? Here, we are seeing that rule 10 itself is matching. Why is it going to Rule 20?
Please clarify
0
0
Think of it in troubleshooting mentality. Your users aren’t connecting, meaning the rules are bad.
– Answer A is invalid, If Rule 10 WAS matching then your users would be able to connect. So we can assume that the users are not on 10.2.3.0
– Answer C is invalid, we do have rules pointing to our mail server(smtp)
– Answer D is invalid, If Rule 30 and 40 were matching then users would connect
Answer B is left as the only possible culprit. There is an explicit deny from users on the 10.4.5.0 network. This takes place before rule 30/40 meaning it stops all traffic and 30 and 40 are not being processed
0
0