Filter
Top Products
Chapter 13 Firewall
FMG3024-D10A / FMG3025-D10A Series User’s Guide
150
Each field is described in the following table.
Table 41 Security > Firewall > Access Control > Add New ACL Rule/Edit
LABEL DESCRIPTION
Filter Name Enter a descriptive name of up to 16 alphanumeric characters, not including spaces,
underscores, and dashes.
You must enter the filter name to add an ACL rule. This field is read-only if you are editing
the ACL rule.
Source Address
Type
Select Single or Range depending on whether you want to enter a single or a range of
source IP address(es) to which the ACL rule applies. Select Any to indicate any source IP
address.
Source IP Address
Start
Enter an IP address or the starting IP address of the source IP range.
Source IP Address
End
Enter the ending IP address of the source IP range.
Destination
Address Type
Select Single or Range depending on whether you want to enter a single or a range of
destination IP address(es) to which the ACL rule applies. Select Any to indicate any
destination IP address.
Destination IP
Address Start
Enter an IP address or the starting IP address of the destination IP range.
Destination IP
Address End
Enter the ending IP address of the destination IP range.
Select Protocol Select the name of a configured service or select Select Service to define a new service
in this screen.
Protocol This field is available when you select Select Service in Select Protocol.
Choose the protocol type (TCP, UDP, ICMP or Others) of the service.
Protocol Number This field is available when you select Others in Protocol.
Enter the protocol number of the service type to which this ACL rule applies.
Source Port This field is displayed only when you select Select Service in Select Protocol and TCP
or UDP in Protocol.
Select Single or Range and then enter a single port number or the range of port
numbers of the source. Select Any to indicate any source port.
Destination Port This field is displayed only when you select Select Service in Select Protocol and TCP
or UDP in Protocol.
Select Single or Range and then enter a single port number or the range of port
numbers of the destination. Select Any to indicate any destination port.
Policy Use the drop-down list box to select whether to silently discard (DROP), deny and send
an ICMP destination-unreachable message to the sender of (REJECT) or allow the
passage of (PERMIT) packets that match this rule.
Direction Use the drop-down list box to select the direction of traffic to which this rule applies. The
possible options are LAN to DEVICE, LAN to WAN, WAN to LAN, and WAN to
DEVICE.
Apply Click Apply to save your changes.
Back Click Back to exit this screen without saving your changes.