
Is there documentation or a way to see details about pre-defined IP firewall rule network services - ex. DNS, DHCP, FTP


w1f1n00b
Contributor II

When creating firewall rules for network services there are pre-defined objects for things like DNS, DHCP-Client, DHCP-Server etc. You have the option of Source IP - Any, and Destination IP - Any.

If you create a rule using one of these objects but do not specify IP Addresses (Any-Any-Allow) would this serve any functional purpose?

What do these pre-defined objects do (meaning what is different about the DHCP object compared to the DNS object etc)?

1 ACCEPTED SOLUTION

Ronald_Dvorak
Honored Contributor

Hi John,

I hope the below explanation makes it more clear...

  • If you create a rule using one of these objects but do not specify IP Addresses (Any-Any-Allow) would this serve any functional purpose?

You'd allow i.e. http and https and then as the next rule create a deny all = that will allow only web traffic but nothing else.

  • "What do these pre-defined objects do (meaning what is different about the DHCP object compared to the DNS object etc)?"

It's there in case you can't remember or are too lazy to search for the correct port number of a certain service. So instead of creating a new object for port 1812 you use the predefined RADIUS object.

https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

 

-Ron
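
The answer above as an added example (not part of the original post and not the vendor's code): a first-match rule evaluator in which each service object is only a named set of protocol/port pairs. The object definitions are assumptions taken from the IANA well-known ports; `Rule`, `evaluate` and `WEB_ONLY` are hypothetical names, and the addresses are constructed sample values.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Assumed service objects (IANA well-known ports). A product's predefined
# objects may differ, so check them in its network-services list.
SERVICES = {
    "HTTP": {("tcp", 80)},
    "HTTPS": {("tcp", 443)},
    "DNS": {("udp", 53), ("tcp", 53)},
    "DHCP-Server": {("udp", 67)},
    "DHCP-Client": {("udp", 68)},
    "RADIUS": {("udp", 1812)},
    "ANY": None,  # matches every protocol and port
}

@dataclass
class Rule:
    service: str
    action: str          # "allow" or "deny"
    src: str = "any"     # "any" or a CIDR string
    dst: str = "any"

def _ip_match(spec, addr):
    return spec == "any" or ip_address(addr) in ip_network(spec)

def evaluate(rules, src, dst, proto, dport):
    """Return (action, rule index) of the first matching rule; default deny."""
    for i, r in enumerate(rules):
        ports = SERVICES[r.service]
        svc_ok = ports is None or (proto, dport) in ports
        if svc_ok and _ip_match(r.src, src) and _ip_match(r.dst, dst):
            return r.action, i
    return "deny", None

# Constructed policy from the answer: allow web, then deny everything else.
WEB_ONLY = [Rule("HTTP", "allow"), Rule("HTTPS", "allow"), Rule("ANY", "deny")]

def report(rules, flows):
    """Return the action taken for each (src, dst, proto, dport) flow."""
    return [evaluate(rules, *f)[0] for f in flows]

if __name__ == "__main__":
    flows = [("10.0.0.5", "203.0.113.10", "tcp", 443),  # web: allowed
             ("10.0.0.5", "10.0.0.1", "udp", 53),       # DNS: hits deny-all
             ("10.0.0.5", "10.0.0.9", "tcp", 22)]       # SSH: hits deny-all
    print(report(WEB_ONLY, flows))
```

In this model an Any-Any-Allow rule with a service object still filters on protocol and port, and the web-only policy drops DNS and DHCP until rules using those objects are placed above the deny-all.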


2 REPLIES 2

Ronald_Dvorak
Honored Contributor

You'd see more details about the predefined objects in...

> configure > common objects > network > network services

 

-Ron
