User guide

Configuring Firewall Settings
88 WatchGuard Firebox X Edge
Incoming and outgoing traffic
Traffic that does not start in your trusted or optional network is
incoming traffic. Traffic that starts in your trusted or optional
network and goes to the external network is outgoing traffic. In the
default configuration, the Firebox stops all traffic from getting to
your trusted network.
The default configuration of the Firebox X Edge allows this
traffic:
- From the trusted network to the external network
- From the trusted network to the optional network
- From the optional network to the external network
The default configuration of the Firebox denies this traffic:
- From the external network to the trusted network
- From the optional network to the trusted network
- From the external network to the optional network
Traffic through VPN tunnels
When you create Mobile User VPN tunnels from remote users, or
when you create Branch Office VPN tunnels to other offices, the
Firebox X Edge allows all traffic through the VPN tunnel. No other
configuration is necessary after the VPN tunnel is set up. Do not
configure services as shown in this chapter to allow or deny traffic
across a VPN tunnel. All traffic is allowed between the IPSec VPN
peer networks.
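The default rules and the VPN exception described above can be modeled as a small flow evaluator. This is an added example, not WatchGuard code or configuration: the subnets, the tunnel peer network, and the names zone_of and evaluate are constructed assumptions. It shows that a remote address is denied as incoming traffic unless it belongs to a tunnel peer network, in which case the zone rules are not consulted.

```python
import ipaddress

# Constructed addressing plan (assumption: the guide gives no addresses).
ZONES = {
    "trusted": ipaddress.ip_network("192.168.111.0/24"),
    "optional": ipaddress.ip_network("192.168.112.0/24"),
}
# Constructed Branch Office VPN tunnel: remote peer network and the local
# zone it is paired with (assumption).
VPN_REMOTE = ipaddress.ip_network("10.20.0.0/24")
VPN_LOCAL_ZONE = "trusted"

# Zone pairs the default configuration allows; every other pair is denied.
DEFAULT_ALLOW = {
    ("trusted", "external"),
    ("trusted", "optional"),
    ("optional", "external"),
}

def zone_of(addr):
    """Map an address to trusted/optional; anything else is external."""
    ip = ipaddress.ip_address(addr)
    for name, net in ZONES.items():
        if ip in net:
            return name
    return "external"

def evaluate(src, dst):
    """Return (verdict, path) for one flow under the default configuration."""
    src_zone, dst_zone = zone_of(src), zone_of(dst)
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    # Tunnel traffic between the peer networks is allowed in both directions
    # and is not matched against the zone rules below.
    if (src_ip in VPN_REMOTE and dst_zone == VPN_LOCAL_ZONE) or (
        dst_ip in VPN_REMOTE and src_zone == VPN_LOCAL_ZONE
    ):
        return ("allow", "vpn")
    if src_zone == dst_zone:
        return ("n/a", "same-zone")  # not covered by the policy in the guide
    if src_zone == "external":
        path = "incoming"
    elif dst_zone == "external":
        path = "outgoing"
    else:
        path = "inter-zone"
    verdict = "allow" if (src_zone, dst_zone) in DEFAULT_ALLOW else "deny"
    return (verdict, path)
```

Because the tunnel branch returns before any zone rule is checked, the exposure of the trusted network to a peer is decided entirely by which networks are placed in the tunnel.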
About This Chapter
“Configuring Incoming Services” shows you how to control traffic
from the external network to the trusted and optional networks.
The section “Configuring Outgoing Services” on page 95 shows you
how to control traffic to the external network from the trusted and
optional networks.
The section “Services for the Optional Network” on page 101 shows
how you can control traffic between the trusted and optional
networks. This is traffic that goes from the trusted network to the
optional network, or traffic that goes from the optional network to