How Firewall Rule Enforcement Works

For additional information on setting up firewall rules, see the following topics:

“Default Firewall Rules” on page 67

“Managing Firewall Rules” on page 68

“Firewall Services” on page 75

“Schedules” on page 79

“Virtual Servers” on page 82

Default Firewall Rules

The following table lists the default firewall rules available on the X family device. You can add, delete or edit these rules. However, be careful when editing or deleting the default rules as this may prevent you from configuring the device or accessing some services on the device. If this does happen, you can restore access by resetting the device to factory default settings using the instructions provided in the Hardware and Installation Guide.

Table 4–1: Default Firewall Rule Configuration

| ID | Action | Source Zone | Dest Zone | Service | Logging | State | Description |
|----|--------|-------------|-----------|---------|---------|-------|-------------|
| 1 | Permit | LAN | WAN | ANY | Off | Enabled | Allow LAN unrestricted access to WAN |
| 2 | Permit | ANY | this-device | vpn-protocols | Off | Enabled | Allow VPN termination |
| 3 | Permit | LAN | this-device | management | Off | Enabled | Allow management access from LAN via https, ssh, snmp, or ping |
| 4 | Permit | LAN | this-device | network protocols | Off | Enabled | Allow DNS and DHCP-server from LAN |

X Family LSM User’s Guide V 2.5.1
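
The caution about editing or deleting the default rules in Table 4–1 can be turned into a check that runs before a rule change is applied. The following Python is an added example, not part of the guide or the device software. Assumptions: the dict layout is a hypothetical export format, the "Disabled" state value is constructed, ANY is treated as a wildcard in every field, and rule order and non-Permit rules are not modelled.

```python
# Added example: lockout pre-check for a candidate firewall rule set.
# The dict layout is a hypothetical export format, not the device's own.
# Assumption: rule order is not modelled; the check only asks whether
# some enabled Permit rule still covers the traffic that is needed.

DEFAULT_RULES = [  # transcribed from Table 4-1
    {"id": 1, "action": "Permit", "src": "LAN", "dst": "WAN",
     "service": "ANY", "state": "Enabled"},
    {"id": 2, "action": "Permit", "src": "ANY", "dst": "this-device",
     "service": "vpn-protocols", "state": "Enabled"},
    {"id": 3, "action": "Permit", "src": "LAN", "dst": "this-device",
     "service": "management", "state": "Enabled"},
    {"id": 4, "action": "Permit", "src": "LAN", "dst": "this-device",
     "service": "network protocols", "state": "Enabled"},
]

# Flows from LAN to the device that the default rules provide; losing
# them is what the caution about editing default rules warns against.
REQUIRED = [
    ("LAN", "this-device", "management"),
    ("LAN", "this-device", "network protocols"),
]


def covers(rule, src, dst, service):
    """True if an enabled Permit rule matches the zone pair and service."""
    return (rule["state"] == "Enabled"
            and rule["action"] == "Permit"
            and rule["src"] in (src, "ANY")      # assumption: ANY is a wildcard
            and rule["dst"] in (dst, "ANY")
            and rule["service"] in (service, "ANY"))


def lockout_risks(rules):
    """Return the required flows that no rule in `rules` still permits."""
    return [need for need in REQUIRED
            if not any(covers(r, *need) for r in rules)]


if __name__ == "__main__":
    # Constructed change: rule 4 deleted, rule 3 disabled.
    candidate = [dict(r) for r in DEFAULT_RULES if r["id"] != 4]
    candidate[2]["state"] = "Disabled"
    for src, dst, svc in lockout_risks(candidate):
        print(f"WARNING: no enabled Permit rule for {svc}: {src} -> {dst}")
```

An empty result means every required flow is still covered by at least one enabled Permit rule; any entry returned is a flow the change would leave without one.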
