Chapter 4 Firewall

the device. If a local user has not been authenticated, the rule is ignored and lower priority rules are examined to find a match for the session.

Note For additional information on the advanced options, refer to the Concepts Guide.

Configuration Notes

When a firewall rule is created, the default settings are to enable the firewall rule, disable local and remote logging, and position the firewall rule at the end of the firewall rules table.

After you configure a firewall rule, it appears in the firewall rules table. You can disable a firewall rule so that the device ignores it when inspecting traffic. If necessary, you can re-enable the rule at a later date.

Create/Edit a Firewall Rule

Note For firewall configuration examples, refer to the Concepts Guide.

STEP 1 From the LSM menu, select Firewall > Firewall Rules.

STEP 2 On the Firewall Rules page, click the Create Firewall Rule button at the bottom of the page, or click the Edit icon for the rule you want to edit. You may have to scroll down to access the button.

To create a firewall rule above another rule in the table, click the icon for the firewall rule positioned below the rule you want to create.

STEP 3 On the Create/Edit Firewall Rule page in the Firewall Rule Setup table, enter the setup information:

STEP A If you want to apply the firewall rule, click Enable Firewall Rule.

STEP B Select the Action you want the rule to apply to the traffic: Permit, Block, or Web filter.

STEP C From the Service drop-down list, select the Service or Service Group that the rule will apply to.

Note To add a new service or service group, select Firewall > Services to open the Firewall Services page. Then, define the service. You can then define firewall rules for the service or group.

STEP D From the Schedule drop-down list, select the schedule you want the rule to use, if any.

By default, a firewall rule can be applied 24 hours a day, 7 days a week. This is equivalent to having a schedule of 00:00 to 00:00 defined.

STEP E In the Inactivity Timeout field, enter the interval (between 1 and 999 minutes) after which you want any established session to be terminated if there is no activity.

STEP F If desired, type a description for the rule in the Comment field.
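The rule behaviour described in the notes and steps above, as an added Python model (not code from the X Family device or this guide): disabled rules and rules tied to an unauthenticated local user are skipped, so the next matching rule down the table decides the session. The class, field and function names, the sample table, the top-down first-match order and the handling of schedules that wrap past midnight are assumptions made for illustration.

```python
from dataclasses import dataclass

ACTIONS = {"Permit", "Block", "Web filter"}      # the actions listed in STEP B

@dataclass
class Rule:
    service: str
    action: str
    enabled: bool = True             # new rules are enabled by default
    requires_auth: bool = False      # hypothetical flag: rule applies to an authenticated local user
    schedule: tuple = (0, 0)         # minutes since midnight; (0, 0) is 00:00 to 00:00, i.e. always
    inactivity_timeout: int = 30     # minutes; 30 is a constructed sample value

    def validate(self):
        if self.action not in ACTIONS:
            raise ValueError(f"unknown action: {self.action!r}")
        if not 1 <= self.inactivity_timeout <= 999:
            raise ValueError("inactivity timeout must be between 1 and 999 minutes")

def in_schedule(schedule, minute):
    start, end = schedule
    if start == end:                 # 00:00 to 00:00 covers the whole day
        return True
    if start < end:
        return start <= minute < end
    return minute >= start or minute < end       # assumed: window wraps past midnight

def first_match(table, service, minute, authenticated):
    """Walk the table top-down and return the first rule that applies, or None."""
    for rule in table:
        if not rule.enabled:
            continue                 # disabled rules are ignored
        if rule.requires_auth and not authenticated:
            continue                 # user not authenticated: rule ignored, keep looking
        if rule.service == service and in_schedule(rule.schedule, minute):
            return rule
    return None                      # the device's behaviour with no match is not modelled

# Constructed sample table, highest priority first.
TABLE = [
    Rule("ssh", "Permit", requires_auth=True),
    Rule("http", "Block", enabled=False),
    Rule("http", "Web filter", schedule=(480, 1080)),   # 08:00 to 18:00
    Rule("ssh", "Block"),
]
```

Walking a planned table through a model like this before entering it shows which lower-priority rule ends up handling a session when a higher rule is disabled, out of schedule, or tied to a user who has not authenticated.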

72 X Family LSM User’s Guide V 2.5.1