To onboard classic firewalls:
To synchronize a firewall that you onboarded earlier, click the synchronize double-arrow button beside the firewall name.
Troubleshooting: If the classic firewall tab does not display as expected, check that your platform has the correct UI configuration for this feature
Change the name and description as required, then click Save.
To view the provider ID of a classic firewall, edit the firewall.
The platform will maintain the rules in order with no gaps.
To change the order of rules, click the pencil edit button beside a Sequence number, then enter a new Sequence number and click ok. The platform will move the other rules to fit around the changed rule.
For example, to move a rule from position 1 to position 2, enter 2 and click "ok".
The platform will now move the rule that was in position 2 to position 1.
The last rule in the sequence is the default rule in the Edge. In vCloud Director, If you disable the default rule, this will disable the firewall service in the Edge. This will mean that the rules will exist in the Edge but they will not be active.
To create a firewall rule, click the + add button and complete the following dialog.
|Sequence||Position in the order of evaluation of rules, which is from lowest to highest. You should create rules using existing sequence numbers. The platform will reorder the rules to fit around the new rule. If you create a new rule at the end of the sequence, then it will be the default rule. If you disable the default rule, then the platform will disable the firewall in the Edge.|
Optionally select from the list of common protocols
|Source ports||The firewall rule will apply to this inclusive range of ports|
Source can be in the following formats: IP address, CIDR, IP range, 'any', 'internal', and 'external'
|Destination ports||The firewall rule will apply to this inclusive range of ports|
|Destination||Destination can be in the following formats: IP address, CIDR, IP range, 'any', 'internal', and 'external'|
|Description||Describe the classic firewall rule|
|Action||Select "Allow" or "Deny".|
|Logged||Select to use logging. Optional|
|Enabled||Select to enable the rule. If this rule is in the last position, then it is the default rule. If you disable the default rule, then you will disable the firewall in the Edge. The rules will still be present, but the Edge will not apply them|