Avaya 3.7 User Manual

Establishing security
166 Avaya VPNmanager Configuration Guide Release 3.7
Note:
Although UDP is connectionless, if a packet is first sent out from a given port, a 
reply is expected in the reverse direction on the same port. Keep State 
“remembers” the port and ensures that the reply packet enters on the same 
port.
14. Select the position of the firewall policy in the template.
15. Click Finish to return to the Firewall tab.
Device level firewall rules
Device level firewall rules apply to specific devices within the domain. Along with the 
device-specific rules, the security gateway also inherits the firewall rules that are defined at the 
domain level. If firewall rules are defined on the security gateway, these device level rules have 
the highest priority and will take precedence over domain level firewall rules.
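The precedence described above, together with the Keep State behavior from the earlier note, shown as an added illustrative model. It is not Avaya code and not VPNmanager's implementation. The Rule, Packet and Gateway names, first-match ordering, matching on protocol and destination port only, and the default deny for unmatched traffic are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    level: str            # "device" or "domain"
    action: str           # "permit" or "deny"
    proto: str
    dport: int
    keep_state: bool = False

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

class Gateway:
    def __init__(self, device_rules, domain_rules):
        # Device level rules are consulted before inherited domain level rules.
        self.rules = list(device_rules) + list(domain_rules)
        self.states = set()   # flows remembered by Keep State

    def decide(self, pkt):
        """Return (action, reason) for one packet."""
        # A reply to a remembered flow arrives with source and destination swapped.
        if (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.states:
            return "permit", "keep-state"
        for rule in self.rules:
            if (rule.proto, rule.dport) == (pkt.proto, pkt.dport):
                if rule.action == "permit" and rule.keep_state:
                    self.states.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
                return rule.action, f"{rule.level}:{rule.name}"
        return "deny", "no-match"   # assumption: unmatched traffic is dropped

def run_demo():
    # Constructed sample policy: the domain denies DNS, one device permits it.
    domain = [Rule("dom-block-dns", "domain", "deny", "udp", 53)]
    device = [Rule("dev-allow-dns", "device", "permit", "udp", 53, keep_state=True)]
    gw = Gateway(device, domain)
    query = Packet("udp", "10.0.0.5", 40000, "192.0.2.53", 53)
    reply = Packet("udp", "192.0.2.53", 53, "10.0.0.5", 40000)
    stray = Packet("udp", "192.0.2.53", 53, "10.0.0.5", 40001)  # wrong port
    return [gw.decide(p) for p in (query, reply, stray)]

if __name__ == "__main__":
    print(run_demo())
```

The stray packet shows why the remembered port matters: a UDP datagram from the same server to a port that never sent a query is not treated as a reply.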
To create device level firewall rules:
1. From the Configuration Console window, select View>Firewall.
2. In the Firewall tab’s Firewall Global and Device area, click Device.
3. Click Add to start the Firewall Policy wizard.
4. Complete the Firewall Wizard dialog:
In the Name text box, type a unique name that identifies the rule.
By default, the Status is Enabled and the Action is Permit. Change these if they are not 
the correct settings.
In the Memo area, type notes to describe the firewall rule (optional).
5. Click Next to display the Device dialog. Select the devices to which the rule is applied. Click 
Move Left to move the selected members to the Device(s) for this Rule column.
6. Click Next to display the Source dialog. Select the sources; click Move Left to move the 
selected source to the Source column. Click Next.
7. From the Available Destination(s) column, select the destinations; click Move Left to 
move the selected destination to the destination column. Click Next.
8. From the Available Service column, select the services; click Move Left. Click Next.
9. The Firewall Wizard Configuration dialog is displayed. From the Zone list, select the zone to 
which you want to apply this rule. For maximum flexibility and capability, the firewall rules for 
the security gateway can be specified for specific zones. The packets are checked against 
the firewall rules at the interface where they are defined.
10. In the Direction list, select In or Out. The direction is with respect to the security gateway.
11. If you want this rule to be logged, select Enable Log. If you do not select Enable Log, this 
rule does not appear in the Monitor>Firewall Log display.