Editing firewall settings

To edit the settings of a firewall:

  1. Go to Monitoring > Firewalls or Configuration > Firewalls and folders.
  2. Scroll over to the name of the firewall and click the pen icon Edit parameters icon, or double-click the line on which the firewall is found.

The series of tabs that appears will allow you to:

  • Modify the location of the firewall in the folder tree,
  • Enable the configuration of network interfaces and routing from the SMC server. This feature is disabled by default and the Interfaces and Routing tabs are in read-only mode.
  • Generate a connecting package for the firewall. For more information about this package, refer to Connecting SNS firewalls to the SMC server.
  • Define the contact address and the output interface to be used by default in VPN topologies,
  • Add a certificate on the firewall,
  • Add customized variables used in SNS CLI scripts or in objects,
  • Create and manage filter and NAT rules,
  • Manage network interfaces; refer to Configure network interfaces.
  • Obtain information about high availability when clusters are used.

The Description and Location fields in the System > Configuration tab are filled in for information only and do not have any impact on the configuration.

If the firewall belongs to a route-based VPN topology, modifying its name may have consequences on the firewall configuration. If you modify the name, SMC automatically renames the objects that correspond to the associated VTI interfaces. You should then verify the firewall local configuration. From version 3.4, if SMC manages the firewall routing and network configuration, you do not need to do anything. For more information, refer to the section Creating route-based VPN topologies.

The Search field in the firewalls list also applies to the Description and Location fields.