Configure settings for Automatic rules
View a summary of Automatic rules and manage related settings in the Engine Editor.
Before you begin
The Template Policy used on the engine must contain the Automatic Rules Insert Point.
In the Automatic Rules section of the Engine Editor, you can set the log level and possible Alert element for Automatic rules. For Firewalls, Virtual Firewalls, and Master NGFW Engines, you can also define whether traffic from the engine to authentication ports is allowed.
For more details about the product and how to configure features, click Help or press F1.
Steps
Engine Editor – Policies – Automatic Rules
Use this branch to view a summary of currently used Automatic rules and change general settings for Automatic rules.
Option | Definition |
---|---|
Allow Traffic to Authentication Ports
(Firewall/VPN role only) |
When Yes is selected, allows traffic to the ports that are used for user authentication. |
Allow Traffic from Listening IP Addresses to DNS Relay Port (Firewall/VPN role only) |
When Yes is selected, allows traffic from clients in the internal network to the standard DNS ports (53/TCP and 53/UDP) on the interfaces that are selected as listening interfaces for DNS relay. |
Allow Connections to Domain-Specific DNS Servers (Firewall/VPN role only) |
When Yes is selected, allows connections from the firewall to the domain-specific DNS servers specified in the DNS Relay Profile element that is selected for firewall. |
Allow Connections from Local DHCP Relay to Remote DHCP Server (Firewall/VPN role only) |
When Yes is selected, allows connections from interfaces on which DHCP relay is active to remote DHCP servers. |
Log Level for Automatic Rules | The log level for traffic that matches automatic rules.
|
Alert | When Alert is selected, specifies the Alert element that is sent. |
Reset to Default Settings | Returns Automatic Rule changes to the default settings. |