in-interface vs out-interface

A couple of my clients often get confused with which interface to use when creating a firewall rule. What’s the easiest way to remember which is which?

Why is there a difference?

Sorry to disappoint you, but every interface can be in-interface and out-interface.

For example, you have two ports: “Local” - to clients and “Public” - to internet.

In case of a client’s download, in-interface will be Public, and out-interface will be Local.
In case of a client’s upload, in-interface will be Local, and out-interface will be Public.

It depends on which packet the person wants to catch. Ask yourself - the packet I want - where will it come from, and where will it go?

www → IN router OUT → client

client → IN router OUT → www

As Macgaiver said - make them think where the packet is going, where it goes in and where it goes out; that way you will always be clear what to set where. Same with download and upload - just think where the traffic flow goes.

This is great!

Thanks guys, I will pass this on immediately.