Firewall Protection
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Configure DMZ WAN Rules
The firewall rules for traffic between the DMZ and the Internet are configured on the DMZ
WAN Rules screen.
The default outbound policy is to block all traffic from and to the Internet.
You can then apply firewall rules to allow specific types of traffic either going out from the
DMZ to the Internet (outbound) or coming in from the Internet to the DMZ (inbound).
There is no drop-down list that lets you set the default outbound policy as there is on the LAN
WAN Rules screen.
You can change the default outbound policy by enabling all outbound
traffic and then blocking only specific services from passing through the VPN firewall. You do
so by adding outbound services rules (see Create DMZ WAN Outbound Service Rules on
page 154).
Note: Inbound rules on the LAN WAN Rules screen take precedence over
inbound rules on the DMZ WAN Rules screen. When an inbound
packet matches an inbound rule on the LAN WAN Rules screen, the
packet is not matched against the inbound rules on the DMZ WAN
Rules screen.
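The following added example (not from the NETGEAR manual or firmware) models the precedence described in the note and reports DMZ WAN inbound rules that LAN WAN inbound rules pre-empt. The rule fields, the first-match ordering within a screen, and the sample rule sets are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class InboundRule:
    name: str
    proto: str              # "tcp" or "udp"
    ports: range            # destination ports of the service
    wan_ip: Optional[str]   # WAN destination address, None = any (assumed field)
    action: str             # "allow" or "block"

    def matches(self, proto, port, wan_ip):
        return (proto == self.proto and port in self.ports
                and self.wan_ip in (None, wan_ip))

def evaluate(lan_wan, dmz_wan, proto, port, wan_ip):
    """LAN WAN inbound rules are tried first; DMZ WAN rules only if none match."""
    for screen, rules in (("LAN WAN", lan_wan), ("DMZ WAN", dmz_wan)):
        for rule in rules:
            if rule.matches(proto, port, wan_ip):
                return screen, rule.name, rule.action
    return "default", None, "block"

def shadowed_dmz_rules(lan_wan, dmz_wan):
    """Map each DMZ WAN rule name to 'full' or 'partial' if LAN WAN rules pre-empt it."""
    findings = {}
    for d in dmz_wan:
        same = [l for l in lan_wan if l.proto == d.proto]
        # A port is fully taken when a LAN WAN rule covers every WAN address d covers.
        full = [p for p in d.ports
                if any(p in l.ports and l.wan_ip in (None, d.wan_ip) for l in same)]
        # It is partly taken when the address sets merely intersect.
        some = any(p in l.ports and (None in (l.wan_ip, d.wan_ip) or l.wan_ip == d.wan_ip)
                   for l in same for p in d.ports)
        if len(full) == len(d.ports):
            findings[d.name] = "full"
        elif some:
            findings[d.name] = "partial"
    return findings

# Constructed sample rule sets (documentation addresses, not from the manual).
LAN_WAN = [InboundRule("lan-https", "tcp", range(443, 444), None, "allow")]
DMZ_WAN = [
    InboundRule("dmz-https", "tcp", range(443, 444), "203.0.113.5", "allow"),
    InboundRule("dmz-web", "tcp", range(80, 444), None, "allow"),
    InboundRule("dmz-smtp", "tcp", range(25, 26), None, "allow"),
]

if __name__ == "__main__":
    print(shadowed_dmz_rules(LAN_WAN, DMZ_WAN))
    print(evaluate(LAN_WAN, DMZ_WAN, "tcp", 443, "203.0.113.5"))
```

A rule reported as "full" never receives traffic, so a DMZ server it was meant to publish is unreachable while the LAN WAN rule's target is exposed instead.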
To access the DMZ WAN Rules screen for IPv4 or to change existing IPv4 rules:
Select Security > Firewall > DMZ WAN Rules.
In the upper right of the screen, the IPv4
radio button is selected by default. The DMZ WAN Rules screen displays the IPv4 settings.
(The following figure contains examples.)
Figure 81.