Defining service properties, Adding incoming service properties – WatchGuard Technologies FireboxTM System 4.6 User Manual


8 In the Port text box, enter the well-known port number for this service.

For a list of well-known services and their associated ports, see the Reference Guide or Online Help.

9 Click OK.

Policy Manager adds the port configuration to the New Service dialog box.

10 Verify that the name, description, and configuration of this service are correct.

11 Click Add to configure another port for this service. Repeat the process until all ports for the service are configured. When you finish, click OK.

The Services dialog box appears with the new service. You can now add the custom service to the Services Arena just as you would an existing service. For more information, see “Adding an existing service” on page 47.

12 Click File => Save => To Firebox to save your changes to the Firebox. Specify the location and name of the new configuration file.

Defining service properties

Use the Properties dialog box to configure a service’s incoming and outgoing access
rules. Defining service properties includes:

• Adding incoming hosts, networks, and users

• Adding outgoing hosts, networks, and users

The Properties dialog box for a typical service displays Incoming and Outgoing tabs.
The Incoming tab defines which hosts and users outside the Firebox can use the
service to initiate sessions with your protected users and hosts. The Outgoing tab
defines which hosts and users behind the Firebox can use the service to initiate
sessions with an outside host. You can make any service a one-directional filter by
setting the Connections Are drop list to Disabled.

After defining service properties, you need to save your configuration file, as
described at the end of the previous procedures.

Adding incoming service properties

From Policy Manager:

1 In the Services Arena, double-click the service.

The Properties dialog box appears, displaying the Incoming tab.

2 Use the Incoming Connections Are drop list to select Enabled and Allowed.

3 To define specific external users or hosts that the service will allow in, click Add beneath the From list.

The Add Address dialog box appears. For a description, see “Adding addresses to service properties” on page 50.

4 To define specific destinations within the Trusted network that can receive through the service, click Add beneath the To list.

5 To customize logging and notification for incoming traffic for this service, click Logging. Configure logging and notification according to your security policy preferences.

For a description of each control, right-click the control and then click What’s This?
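
A simplified model of what the Incoming and Outgoing tabs express, useful for checking an intended policy on paper before entering it in Policy Manager. This is an added example, not WatchGuard code or the Firebox's own logic. The names Direction, Service and evaluate, the TRUSTED network and all addresses are constructed assumptions, and only the two Connections Are settings named above are modelled.

```python
import ipaddress
from dataclasses import dataclass, field

# Constructed sample: the network behind the Firebox (assumption for this sketch).
TRUSTED = ipaddress.ip_network("10.0.1.0/24")

@dataclass
class Direction:
    """One tab (Incoming or Outgoing) of a service's Properties dialog."""
    connections_are: str = "Disabled"   # or "Enabled and Allowed"
    from_list: list = field(default_factory=list)  # CIDR strings
    to_list: list = field(default_factory=list)    # CIDR strings

    def matches(self, src, dst):
        def in_any(addr, nets):
            return any(addr in ipaddress.ip_network(n) for n in nets)
        return in_any(src, self.from_list) and in_any(dst, self.to_list)

@dataclass
class Service:
    name: str
    port: int
    incoming: Direction = field(default_factory=Direction)
    outgoing: Direction = field(default_factory=Direction)

def evaluate(service, src, dst, port):
    """Return 'allow' if this service admits a session src -> dst, else 'no match'."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if port != service.port:
        return "no match"
    # Direction is decided by who initiates the session: a source outside the
    # trusted network uses the Incoming tab, a source inside it uses Outgoing.
    tab = service.outgoing if src in TRUSTED else service.incoming
    if tab.connections_are == "Enabled and Allowed" and tab.matches(src, dst):
        return "allow"
    # What the Firebox does with traffic no service admits is outside this sketch.
    return "no match"

# Constructed policy: one partner network may reach one internal web server.
# Outgoing stays Disabled, so the service is a one-directional filter.
web = Service(
    name="HTTP-partner", port=80,
    incoming=Direction("Enabled and Allowed", ["203.0.113.0/24"], ["10.0.1.20/32"]),
)

if __name__ == "__main__":
    for src, dst in [("203.0.113.7", "10.0.1.20"), ("198.51.100.9", "10.0.1.20"),
                     ("203.0.113.7", "10.0.1.21"), ("10.0.1.20", "203.0.113.7")]:
        print(f"{src} -> {dst}:80  {evaluate(web, src, dst, 80)}")
```

Walking each planned From and To entry through a model like this shows which sessions a service would admit and which fall outside it, so the lists can be kept as narrow as the security policy requires.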
