Source and Destination Filter
Source Nets – Specifies the sender span of IP addresses to be compared to the received packet. Leave this blank to match everything.
Source Users/Groups – Specifies if an authenticated username is needed for this policy to match. Either make a list of usernames, separated by , or write Any for any authenticated user. If it’s left blank there is no need for authentication for the policy.
Destination Nets – Specifies the span of IP addresses to be compared to the destination IP of the received packet. Leave this blank to match everything.
Destination Users/Groups – Specifies if an authenticated username is needed for this policy to match. Either make a list of usernames, separated by , or write Any for any authenticated user. If it’s left blank there is no need for authentication for the policy.
Service Filter
Either choose a predefined service from the dropdown menu or make a custom.
The following custom services exist:
All – This service matches all protocols.
TCP+UDP+ICMP – This service matches all ports on either the TCP or the UDP protocol, including ICMP.
Custom TCP – This service is based on the TCP protocol.
Custom UDP – This service is based on the UDP protocol.
Custom TCP+UDP – This service is based on either the TCP or the UDP protocol.
The following is used when making a custom service:
Custom source/destination ports – For many services, a single destination port is sufficient. The source port most often be all ports,
Schedule
If a schedule should be used for the policy, choose one from the dropdown menu, these are specified on the Schedules page. If the policy should always be active, choose Always from the dropdown menu.
28