We have a TZ300 with 2 local networks firewalled from each other internally. X0 (PCI network) needs rules for the SonicWall while the X3 (business) interface does not. X1 is our gateway to the internet. Access to the internet will stay up for a day or so, then, just for X3 to X1 (internet), it states link down. However, X0 to X1 (internet) still provides internet. As our gateway is on our ISP's hardware and shares the same subnet as the X3 network in the 10.0.x.x space, we run this in transparent mode. We are simply trying to implement this right now for PCI compliance. We also have another firewall in place; this TZ300 is just to firewall off our PCI environment.