SonicWALL NSA 5000, 3500, 4500 manual Creating Network Access Rules, Wan Dmz

Page 39

Creating Network Access Rules

A zone is a logical grouping of one or more interfaces designed to make management, such as the definition and application of access rules, a simpler and more intuitive process than following a strict physical interface scheme.

By default, the SonicWALL security appliance’s stateful packet inspection allows all communication from the LAN to the Internet, and blocks all traffic from the Internet to the LAN. The following behaviors are defined by the “Default” stateful inspection packet access rule enabled in the SonicWALL security appliance:

Originating Zone

Destination Zone

Action

 

 

 

 

 

 

LAN, WLAN

WAN, DMZ

Allow

 

 

 

DMZ

WAN

Allow

 

 

 

WAN

DMZ

Deny

 

 

 

WAN and DMZ

LAN or WLAN

Deny

 

 

 

To create an access rule:

1.On the Firewall > Access Rules page in the matrix view, click the arrow connecting the two zones that need a rule.

2.On the Access Rules page, click Add.

The access rules are sorted from the most specific at the top to the least specific at the bottom of the table. At the bottom of the table is the Any rule.

Page 38 Creating Network Access Rules

Page 38 Page 40
Image 39
Page 38 Page 40
Contents Getting Started Guide SonicWALL NSA Getting Started Guide Document ContentsSonicWALL NSA Series BackThis Section Pre-Configuration TasksCheck Package Contents Registration Information Obtain Configuration InformationAdministrator Information Obtain Internet Service Provider ISP InformationFront Panel Back Panel Power Supply8 The Back Panel Registering Your Appliance on mysonicwall.com Before You Register Product Registration Registering and Licensing Your Appliance on mysonicwall.comSupport Services Licensing Security Services and SoftwareService Bundles Gateway ServicesSonicWALL NSA 5000/4500/3500 Getting Started Guide Registration Next Steps Registering a Second Appliance as a BackupDeployment Scenarios Selecting a Deployment Scenario ABCScenario a NAT/Route Mode Gateway Scenario B State Sync Pair in NAT/Route Mode Scenario C L2 Bridge Mode Initial Setup Connecting the WAN PortSystem Requirements Applying Power Connecting the LAN PortAccessing the Setup Wizard Accessing the Management InterfaceTesting Your Connection Connecting to Your NetworkActivating Licenses in SonicOS Saving a Backup Copy of Your Preferences Upgrading Firmware on Your SonicWALLObtaining the Latest Firmware On the System Settings page, click Upload New Firmware Upgrading the Firmware with Current SettingsUpgrading the Firmware with Factory Defaults Using SafeMode to Upgrade FirmwareConfirmation dialog box, click OK to proceed Uploaded Firmware NewConfiguring a State Sync Pair in NAT/Route Mode Initial High Availability SetupScenario B Configuring High Availability Configuring Advanced HA SettingsNavigate to the High Availability Advanced 30 Configuring a State Sync Pair in NAT/Route Mode Synchronizing Settings Synchronizing Firmware Adjusting High Availability SettingsHA License Configuration Overview Click Register Associating Pre-Registered Appliances Configuring L2 Bridge Mode Configuring the Primary Bridge Interface Connection Overview IP Assignment drop-down, select Layer 2 Bridged Mode Configuring the Secondary Bridge InterfaceAdditional Deployment Configuration WAN DMZ Creating Network Access RulesSonicWALL NSA 5000/4500/3500 Getting Started Guide Creating a NAT Policy SonicWALL NSA 5000/4500/3500 Getting Started Guide Configuring Address Objects Leave Create a reflexive policy unchecked Configuring NAT PoliciesEnabling Gateway Anti-Virus Enabling Security Services in SonicOSSonicWALL NSA 5000/4500/3500 Getting Started Guide Enabling Intrusion Prevention Services Security Services Gateway Anti-Virus page, click AcceptSecurity Services Intrusion Prevention page, click Accept Enabling Anti-Spyware Applying Security Services to Network Zones Deploying SonicPoints for Wireless Access Configuring SonicPoint Provisioning ProfilesUpdating SonicPoint Firmware 802.11g Radio tab Select Enable Radio Select Enable SonicPointConfiguring a Wireless Zone Assigning an Interface to the Wireless Zone Connecting the SonicPoint Using Packet Capture Troubleshooting Diagnostic ToolsUsing Ping Using the Active Connections Monitor Using Log View For this Task See this Chapter Deployment Configuration Reference ChecklistSupport and Training Options Customer Support Support ServicesKnowledge Portal SonicWALL Live Product DemosUser Forums Training Related Documentation Product Safety and Regulatory Information Cable Connections Safety and Regulatory InformationLithium Battery Warning Rack Mounting the SonicWALLKabelverbindungen Safety and Regulatory Information in GermanWeitere Hinweise zur Montage Hinweis zur LithiumbatterieRegulatory Information for Korea FCC Part 15 Class a NoticeCanadian Radio Frequency Emissions Statement Cispr 22 EN 55022 Class aTrademarks Copyright Notice70 Notes SonicWALL NSA 5000/4500/3500 Getting Started Guide 72 Notes Rev a 01/08
Top Page Image Contents