Configure settings for Automatic rules
View a summary of Automatic rules and manage related settings in the Engine Editor.
Before you begin
The Template Policy used on the engine must contain the Automatic Rules Insert Point.
To add the Automatic Rules Insert Point manually, open the Template Policy for editing, right-click the ID cell of any rule, and select Add Automatic Rules Insert Point. You can add the Automatic Rules Insert Point anywhere in the Template Policy.
In the Automatic Rules section of the Engine Editor, you can set the log level and possible Alert element for Automatic rules. For Firewalls, Virtual Firewalls, and Master NGFW Engines, you can also define whether traffic from the engine to authentication ports is allowed.
For more details about the product and how to configure features, click Help or press F1.
Steps
Engine Editor > Policies > Automatic Rules
Use this branch to view a summary of currently used Automatic rules and change general settings for Automatic rules.
Option | Definition |
---|---|
To Firewall section (Firewall/VPN role only) | |
Allow Traffic to Authentication Ports | When Yes is selected, allows traffic to the ports that are used for user authentication. |
Allow Traffic from Listening IP Addresses to DNS Relay Port | When Yes is selected, allows traffic from clients in the internal network to the standard DNS ports (53/TCP and 53/UDP) on the interfaces that are selected as listening interfaces for DNS relay. |
From Firewall section (Firewall/VPN role only) | |
Allow Connections to Domain-Specific DNS Servers | When Yes is selected, allows connections from the firewall to the domain-specific DNS servers specified in the DNS Relay Profile element that is selected for the firewall. |
Allow Connections from Local DHCP Relay to Remote DHCP Server | When Yes is selected, allows connections from interfaces on which DHCP relay is active to remote DHCP servers. Note: To relay DHCP messages through a policy-based VPN, you must add specific Access rules to allow the traffic. The Access rules must refer to the correct policy-based VPN. |
Log Level for Automatic Rules | The log level for traffic that matches automatic rules. |
Alert | When the Log Level is set to Alert, specifies the Alert that is sent. |
Reset to Default Settings | Returns Automatic Rule changes to the default settings. |