Firewall Protection
149
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Figure 79.
To change an existing outbound or inbound service rule, in the Action column to the right of
the rule, click one of the following table buttons:
• Up.
Moves the rule up one position in the table rank.
• Down. Moves the
rule down one position in the table rank.
• Edit. Allows you
to make any changes to the definition of an existing rule. Depending on
your selection, one of the following screens displays:
- Edit DMZ W
AN Outbound Service screen for IPv6 (identical to Figure 81 on
page 151)
- Edit DMZ W
AN Inbound Service screen for IPv6 (identical to Figure 83 on page 153)
To enable, disable, or delete one or more IPv4 or IPv6 rules:
1. Select
the check box to the left of each rule that you want to enable, disable, or delete,
or click the Select All table button to select all rules.
2. Click one of the following t
able buttons:
• Enable. Enab
les the rule or rules. The ! status icon changes from a gray circle to a
green circle, indicating that the selected rule or rules are enabled. (By default, when a
rule is added to the table, it is automatically enabled.)
• Dis
able. Disables the rule or rules. The ! status icon changes from a green circle to a
gray circle, indicating that the selected rule or rules are disabled.
• Delete. Dele
tes the selected rule or rules.
Create DMZ WAN Outbound Service Rules
You can change the default outbound policy or define rules that specify exceptions to the
default outbound policy. By adding custom rules, you can block or allow access based on the
service or application, source or destination IP addresses, and time of day. An outbound rule
can block or allow traffic between the DMZ and any external WAN IP address according to
the schedule created on the Schedule screen.