Looking for Default Behavior of LAN to LAN access list

72 Views Asked by At

I have inherited admin of an NSA3600. There are a ton of LAN>LAN allow rules configured. It would seem to me that from the LAN zone to the same LAN zone, the default would be to allow the traffic. Is this a situation where once an allow rule is manually configured, the OS places an Implicit DENY at the end of the list? There in NOT an Explicit DENY at the end of the list, so what would the reason for the specific Allow rules to be configured otherwise?

Thanks for the help, and sorry if this is in the wrong forum..

1

There are 1 best solutions below

0
On

I'd need a bit more detail, but to my knowledge there would not be an implicit Deny. Referring to SonicOS 5 & 6, unsure about the new 7. It's more likely because you have other devices/subnets (APs, Routers, VLANs) that are part of the same LAN zone. Therefore you have greater granularity with what is permitted or denied in your access rules.