Allow traffic to amazonaws.com
Hi, I have a NAS that is backing up data to AWS.
Because there were security issues with the device in the past, I want to cut it off from the internet except for data backup and software updates.
So I set up a "Block Internet" rule for the device and want to allow the amazonaws.com domain.
But when I try to save such a rule, I get a message saying "Allow rules matching target amazonaws.com are not supported".
Why do you prohibit an "allow" rule for amazonaws.com?
-
Sorry, I forgot that amazonaws.com is a TLD domain (also known as public suffix), which means lots of domains could be hosted on amazonaws.com. This may cause performance degradation when allowing the whole TLD domain.
May I know why you want to allow it?
Reference:
-
Got it. It's a limitation of the app. The TLD domain itself is also a valid domain.
As a workaround, I suggest:
- log in to https://my.firewalla.com with the Firewalla app
- create a target list
- add the two domains to the list
- and in the app, create an allow rule on the target list.
Here is the doc on target list: https://help.firewalla.com/hc/en-us/articles/1500005941962-Firewalla-Feature-Target-List
-
The setting with the target list did not work - the traffic was still blocked.
But while reading https://help.firewalla.com/hc/en-us/articles/360008521833-Manage-Rules#h_407c0ea9-6d3c-4e12-8b0c-80c900f65681, I found out that I can use asterisks in the domain name. I tried that on the mobile app with no luck (input not accepted), but it worked on the web interface!
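Added example (not part of the thread and not Firewalla's matching logic): a small Python check of how much extra egress a wildcard allow rule on amazonaws.com opens for a device that is otherwise blocked, compared with listing only the hosts the backup needs. The hostnames, the rule lists and the wildcard semantics (a leading `*.` matches any subdomain) are assumptions constructed for illustration.

```python
# Constructed sample: hostnames a NAS might resolve (not taken from the thread).
OBSERVED = [
    "my-backup.s3.eu-west-1.amazonaws.com",      # the backup bucket
    "s3.eu-west-1.amazonaws.com",                # regional S3 endpoint
    "other-tenant.s3.us-east-1.amazonaws.com",   # a bucket owned by someone else
    "ec2-203-0-113-10.compute-1.amazonaws.com",  # an arbitrary EC2-hosted server
    "updates.nas-vendor.example",                # vendor update server
]

# Hypothetical rule sets: one wildcard on the shared suffix, one per-host list.
BROAD = ["*.amazonaws.com", "updates.nas-vendor.example"]
NARROW = [
    "my-backup.s3.eu-west-1.amazonaws.com",
    "s3.eu-west-1.amazonaws.com",
    "updates.nas-vendor.example",
]


def rule_matches(rule: str, host: str) -> bool:
    """Assumed semantics: '*.x' matches any subdomain of x, otherwise exact match."""
    rule, host = rule.lower().rstrip("."), host.lower().rstrip(".")
    if rule.startswith("*."):
        suffix = rule[1:]  # ".amazonaws.com"
        return host.endswith(suffix) and len(host) > len(suffix)
    return host == rule


def allowed(rules, hosts):
    """Hosts that at least one allow rule lets through."""
    return [h for h in hosts if any(rule_matches(r, h) for r in rules)]


def excess(broad, narrow, hosts):
    """Hosts the broad rule set allows that the narrow set would still block."""
    narrow_ok = set(allowed(narrow, hosts))
    return [h for h in allowed(broad, hosts) if h not in narrow_ok]


if __name__ == "__main__":
    for host in excess(BROAD, NARROW, OBSERVED):
        print("allowed only by the wildcard rule:", host)
```

Running the same comparison over the device's real DNS or flow history shows which specific hosts the backup job actually needs before a wildcard is accepted as the permanent rule.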