Definitions

Top  Previous  Next

In order to simplify the configuration and maintenance of the firewall it is recommended to define aliases for hosts and services. These aliases can then be assembled to named groups. The administrator can use names instead of IP addresses, ports and network ranges. Create an alias webserver1 for the IP address of your internal web server for example. Another advantage is that you only must edit the IP address at one place if one is changed.

 

Another useful feature is the definition of services. Assemble some protocols and ports to a single service. This service can be used in firewall and nat rules definition instead of creating many rules for every single port.

 

EXAMPLE: Create a service web containing TCP ports 80 and 443. This service can be used to allow reaching a web server by defining the firewall rules.