Device Level WAN Stateful Firewall

About this task

WAN stateful firewall is a common feature used in branch networks to provide network level defense, typically by blocking unsolicited traffic from outside of the branch. It can also be used to control of branch traffic into and out of a router, such as allowing or denying traffic between local subnetworks, allowing or denying branch clients from going to a specific IP or range of IPs, or allowing or denying specific network protocols. To enable network policy firewall overrides and make adjustments to the firewall filtering rules for this device, perform the following steps:

Procedure

  1. Select On to enable overrides to the network policy firewall settings for a router.
  2. Use the up and down arrows to change the order of the existing filtering rules in the table.
    Rules are processed in order from top to bottom.
  3. Select Add to add a new filtering rule.
  4. Select a source address from the available options.
  5. Select On (the default) to support auditing, accounting, and monitoring.
  6. Repeat these steps to add additional filtering rules.
    Use the up and down arrows to arrange your new rules in the table according to how you want to to be processed.
  7. Select Save.
  8. To delete firewall rules, select the check box next to the rule.
  9. Select the delete icon.