Add Policies to Your Configuration
When you add a policy, you select a policy template, which specifies whether the policy is a packet filter or proxy policy, and defines the ports and protocols the policy applies to.
To add a firewall or Mobile VPN policy, from Fireware Web UI:
- Select Firewall > Firewall Policies or Firewall > Mobile VPN IPSec Policies.
The Policies page you selected appears.
- Click Add Policy.
- For a Mobile VPN policy, from the Select a group drop-down list, select an existing Mobile VPN group.
- Select a policy type:
- Packet Filter
- For a packet filter, from the adjacent drop-down list, select a policy template.
For a proxy, from the adjacent drop-down list, select a proxy policy template, and from the second drop-down list, select a proxy action.
For a custom policy, from the adjacent drop-down list, select a custom policy template or click Add to create a new custom policy template. For more information, see Create or Edit a Custom Policy Template.
- Click Add Policy.
- Define the name and settings for the policy.
- Click Save.
For more information about Mobile VPN Policies, see Configure Policies to Filter IPSec Mobile VPN Traffic.
To add a firewall or Mobile VPN policy from Policy Manager, select a policy template from the list. A policy template contains the policy name, a short description of the policy, and the protocol and port the policy applies to.
- To see the list of policy types to choose from, see See the List of Policy Templates.
- To add one of the policies in the list to your configuration, see Add a Policy from the List of Policy Templates.
- To add a Mobile VPN with IPSec policy, see Configure Policies to Filter IPSec Mobile VPN Traffic.
- To see or modify the definition of a policy template, see See Policy Template Details.
- To use the policy import/export function to copy policies from one Firebox to another, see Import and Export Custom Policy Templates. This is helpful if you manage several Fireboxes and have custom policies for them.
The Firebox includes a default definition for each policy included in the Firebox configuration file. The default definition consists of settings that are appropriate for most installations. However, you can modify them for your particular business purposes, or to include special policy properties such as Traffic Management actions and operating schedules.
After you add a policy to your configuration, you define rules to:
- Set allowed traffic sources and destinations
- Make filter rules
- Enable or disable the policy
- Configure properties such as Traffic Management, NAT, and logging
For more information on policy configuration, see About Policy Properties.
Use Policy Checker to Find a Policy
To determine how your Firebox manages traffic for a particular protocol between a source and destination you specify, you can use Policy Checker in Fireware Web UI.