Configuring Basic Firewall Policies

You can create policies with the Policies, Services, and Subscribers CLI or the Policies, Services, and Subscribers subtasks in the C-Web interface.

To create a basic firewall policy:

  1. Create a policy group and associated policy rules in ou=entjunos, o=Policies, o=umc.
  2. Specify a precedence for the policy rules.

    All basic firewall services should have a similar value that is higher than the range of precedences you configure for firewall exceptions. In the sample data, we use precedences of 600 and 601 for basic firewall policies.

    Ensure that the precedence for basic firewall policies integrate with other policies that affect the same traffic. See Configuring Priorities for Stateless or Stateful Firewall Services.

For a sample basic firewall policy, see policyGroupName=brickwall, ou=entjunos, o=Policies, o=umc in the sample data.