The Forwarding Firewall rule set contains default rules that fit most applications and services that are handled by the Barracuda CloudGen Firewall. The following tables lists all Forwarding Firewall rules that are pre-configured for Cloud instances.
Forwarding Firewall Rules
|0||Disabled||Block||BlockATDQuarantine||Blocks infected hosts that are blacklisted by ATP|
|1||Enabled||App Redirect||CLOUD-CC-MGMT-COMM||Redirect incoming Control Center management traffic on the DHCP interface to the management IP address.|
|2||Enabled||App Redirect||CLOUD-SETUP-MGMT-ACCESS||Redirect incoming management traffic on the DHCP interface to the management IP address.|
|3||Enabled||App Redirect||CLOUD-SETUP-WEBUI-MGMT-ACCESS||Redirect incoming management traffic to the WebUI on the DHCP interface to the management IP address.|
|4||Enabled||App Redirect||CLOUD-SERVICE-VPN-ACCESS||Redirect incoming management traffic to the WebUI on the DHCP interface to the management IP address.|
|5||Enabled||App Redirct||CLOUD-SERVICE-VPN-ACCESS-IPSEC||Redirect IPsec VPN connections to the VPN service listening on the virtual server IP address.|
|6||Disabled||App Redirect||CLOUD-LB-PROBE||Redirect probes from the loadbalancer TCP port 6500 to fwauth on port 450.|
|7||Enabled||Pass||CLOUD-NET-2-INTERNET||Allow all traffic from the detected subnets of the virtual network or VPC to the Internet.|
|8||Enabled||Pass||CLOUD-NET-2-CLOUD-NET||Allow all traffic between the detected subnets of the virtual network or VPC.|
|9||Disabled||Pass||CLOUD-NET-2-VPN-SITE||Allows all traffic between the detected local cloud networks and remote networks of VPN site-to-site tunnels.|
|10||Enabled||Pass||CLOUD-NET-2-VPNCLIENTS||Allows unrestricted access for Barracuda Network Access Clients coming in through interface pvpn0 to the trusted LAN.
Note that PPTP-based access is not included in this rule.
|11||Enabled||Block||BLOCKALL||Blocks all IP traffic.|