Abiquo enables you to onboard and edit Classic firewalls from vCloud Director. A classic firewall is the firewall service in the orgVdc Edge.
To enable Classic firewalls in the UI, Administrators should set the client configuration property.
Users work with classic firewalls at the public cloud region level. In the platform there is no association between classic firewalls and virtual datacenters or classic firewalls and VMs. This means that when you onboard virtual resources, you must onboard classic firewalls in addition to virtual datacenters.
| Include Page | ||||
|---|---|---|---|---|
|
To onboard classic firewalls:
- Go to Virtual datacenters → All → Select a region
- At the top of the Classic firewalls list, click the double-arrow button
- For each classic firewall that you want to onboard, select the classic firewall and click the double-arrow button next to the firewall name. The platform will retrieve the classic firewall and its rules.
To synchronize a firewall that you onboarded earlier, click the synchronize double-arrow button beside the firewall name.
View firewall provider ID
...
Edit a classic firewall
| Include Page | ||||
|---|---|---|---|---|
|
Change the sequence of rules in a classic
...
firewall
...
Change the name and description as required, then click Save.
Change firewall rule sequence
When traffic arrives at the firewall, the Edge will attempt to match the rules from rule 0 to the end of the list of rules.
The Edge will use the last rule (with the highest sequence number) as the default rule. The default rule must cover all ports from any source or destination and you cannot move an invalid rule into the last position.
The platform will maintain the rules in order with no gaps.
To change the order of rules, click the pencil edit button beside a sequence number, then enter a new sequence number and click "ok". The platform will move the other rules to fit around the changed rule.
For example, to move a rule from position 1 to position 2, enter 2 and click "ok".
The platform will now move the rule that was in position 2 to position 1.
Create and edit firewall rules
You can edit existing rules and create new rules for classic firewalls.
| Warning |
|---|
The last rule in the sequence is the default rule in the Edge. If you disable the default rule, in vCloud this will disable the firewall service in the Edge. This will mean that the rules will exist in the Edge but they will not be active. |
To create a firewall rule, click the Add + button and complete the following dialog.
...
| Include Page | ||||
|---|---|---|---|---|
|
Create and edit the rules of a classic firewall
| Include Page | ||||
|---|---|---|---|---|
|
Manage classic firewalls with the API
...