Bi-directional access rules use the source and destination of the rule interchangeably. Bi-directional rules must use the action Pass and Original Source IP as the connection.
Create a Pass Access Rule
- Go to FIREWALL > Access Rules.
- Click Add Access Rule to create a new rule. The Add Access Rule window opens.
- Select Pass as the action.
- Enter a Name for the rule. E.g.,
- Select the Bi-Directional check box.
- Specify the following settings that must be matched by the traffic to be handled by the access rule, and click + after each entry:
- Source – The source addresses of the traffic.
- Network Services – Select a service object, or select Any for this rule to match for all services.
- Destination – The destination addresses of the traffic.
- (optional) Configure Advanced settings. For more information, see Advanced Access Rule Settings.
- Click Save.
- Drag and drop the access rule so that it is the first rule that matches the traffic that you want it to forward. Ensure that the rule is located above the BLOCKALL rule; rules located below the BLOCKALL rule are never executed.
Additional Matching Criteria
- Connection – For more information, see Connection Objects.
- Valid for Users – For more information, see User Objects.
- Apply only during this time – For more information, see Schedule Objects.