We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

How to Create Cascade and Cascade Back Access Rules

  • Last updated on

To better organize the access rule set, you can create additional rule lists. At the point in the rule list where you want to evaluate another rule list create a Cascade access rule. If none of the rules in the additional rule list you cascaded to matched, create a Cascade Back access rule to continue evaluating the rules in the main rule list. If you do not define a Cascade-Back rule in the additional rule list and none of the rules match, the default policy (BLOCK or ALLOW) is executed at the end of the rule list.

FW_Cascade.png

FW_CascadeBack.png

Before you Begin

Create a Cascade Access Rule

  1. Go to CONFIGURATION > Configuration Tree > Box > Virtual Servers > your virtual server > Assigned Services > Firewall > Forwarding Rules.
  2. Click Lock.
  3. Either click the plus icon (+) in the top right of the rule set, or right-click the rule set and select New > Rule.
    FW_Rule_Add01.png
  4. Select Cascade as the action.
  5. Enter a Name for the rule. For example, CascadetoDMZRuleList.
  6. Specify the following settings that must be matched by the traffic to be handled by the access rule:
    • Source – The source addresses of the traffic.
    • Destination – The destination addresses of the traffic.
    • Service – Select a service object, or select Any for this rule to match for all services.
  7. Select the Rulelist that you want to also evaluate the traffic. E.g., DMZRuleList.
  8. Click OK.
  9. Drag and drop the access rule so that it is the first rule that matches the traffic that you want it to forward. Ensure that the rule is located above the BLOCKALL rule; rules located below the BLOCKALL rule are never executed.
  10. Click Send Changes and Activate.

Create a Cascade Back Access Rule

  1. Go to CONFIGURATION > Configuration Tree > Box > Virtual Servers > your virtual server > Assigned Services > Firewall > Forwarding Rules.
  2. Click Lock.
  3. Either click the plus icon (+) in the top right of the rule set, or right-click the rule set and select New > Rule.
    FW_Rule_Add01.png
  4. Select Cascade Back as the action.
  5. Enter a Name for the rule. For example, CascadeBack.
  6. Specify the following settings that must be matched by the traffic that will be handled by the access rule:
    • Source – The source addresses of the traffic.
    • Destination – The destination addresses of the traffic.
    • Service Select a service object, or select Any for this rule to match for all services.
  7. Click OK.
  8. Drag and drop the access rule to the order that you want. Usually this rule is placed last in the rule list, but you can drag it further up the rule list as well.
  9. Click Send Changes and Activate.

Additional Matching Criteria

  • Authenticated User – For more information, see User Objects.

Additional Policies

Last updated on