WatchGuard Firebox System 7.0 User Guide
WatchGuard Firebox System 7.0 User Guide WatchGuard Firebox System 7.0 User Guide
Chapter 8: Configuring Filtered ServicesAdding addresses or users to servicepropertiesBoth the Incoming and Outgoing properties include Fromand To address lists. Use the Add Address dialog box toadd a network, IP address, or specific user to a given service.1 In the Properties dialog box, use the Incoming serviceConnections Are drop-down list to select Enabled andAllowed.2 Click either the Incoming tab or Outgoing tab. Clickthe Add button underneath the From or the To list.The Add Address dialog box appears, as shown in the followingfigure.3 Click Add Other.The Add Member dialog box appears.4 From the Choose Type drop-down list, click the type ofaddress, range, host name, or user you want to add.5 In the Value text box, type the actual address, range, orname. Click OK.The member or address appears in the Selected Members andAddresses list.126 WatchGuard Firebox System
Defining Service Properties6 Click OK.The new selection appears in either the Incoming or Outgoing tabunder the appropriate From or To box.Working with wg_iconsService icons beginning with “wg_” are created automaticallywhen you enable features such as PPTP and authentication.Because the wg_ service icons rarely requiremodification, WatchGuard recommends leaving wg_ iconsin their default settings.The following wg_ services are available:wg_authenticationAdded when you enable authentication.wg_dhcp_serverAdded when you enable the DHCP server.wg_pptpAdded when you enable PPTP.wg_dvcpAdded when the device has been inserted intoVPN Manager.wg_sohomgtAdded when you enable the DVCP server.wg_caAdded when you enable the DVCP server, whichalso configures the Firebox as a certificateauthority.The wg_ icons appear in the Services Arena when youselect View => Hidden Services such that a checkmarkappears next to the menu option. To hide the wg_ icons,select View => Hidden Services again such that the checkmarkdisappears.User Guide 127
- Page 97 and 98: Viewing Basic Firebox StatusThe top
- Page 99 and 100: Viewing Basic Firebox Statusbut the
- Page 101 and 102: Viewing Basic Firebox Status• The
- Page 103 and 104: Monitoring Firebox TrafficSetting t
- Page 105 and 106: Performing Basic Tasks with System
- Page 107 and 108: Performing Basic Tasks with System
- Page 109 and 110: Viewing Bandwidth Usage(shown above
- Page 111 and 112: Viewing Details on Firebox Activity
- Page 113 and 114: Viewing Details on Firebox Activity
- Page 115 and 116: Viewing Details on Firebox Activity
- Page 117 and 118: Viewing Details on Firebox Activity
- Page 119 and 120: HostWatchHostWatchHostWatch is a re
- Page 121 and 122: HostWatch3 Enter the Firebox status
- Page 123 and 124: CHAPTER 7Configuring NetworkAddress
- Page 125 and 126: Using Simple Dynamic NATService-bas
- Page 127 and 128: Using Simple Dynamic NAT3 Use the T
- Page 129 and 130: Using Service-Based Dynamic NATEnab
- Page 131 and 132: Configuring a Service for Incoming
- Page 133 and 134: Using 1-to-1 NATA one-to-one mappin
- Page 135 and 136: CHAPTER 8Configuring FilteredServic
- Page 137 and 138: Selecting Services for your Securit
- Page 139 and 140: Adding and Configuring Servicesrigh
- Page 141 and 142: Adding and Configuring Services5 (O
- Page 143 and 144: Adding and Configuring Services3 In
- Page 145 and 146: Adding and Configuring Services11 C
- Page 147: Defining Service PropertiesEnabled
- Page 151 and 152: Defining Service Propertiesthe serv
- Page 153 and 154: Service Precedencegroup always have
- Page 155 and 156: Service Precedencether down the pre
- Page 157 and 158: CHAPTER 9Configuring ProxiedService
- Page 159 and 160: Customizing Logging and Notificatio
- Page 161 and 162: Configuring an SMTP Proxy Service3
- Page 163 and 164: Configuring an SMTP Proxy Service2
- Page 165 and 166: Configuring an SMTP Proxy ServiceAd
- Page 167 and 168: Configuring an SMTP Proxy ServiceEn
- Page 169 and 170: Configuring an SMTP Proxy ServiceCo
- Page 171 and 172: Configuring an FTP Proxy Service6 S
- Page 173 and 174: Selecting an HTTP Service4 Select t
- Page 175 and 176: Selecting an HTTP Servicefrom Any t
- Page 177 and 178: Configuring the DNS Proxy ServiceGE
- Page 179 and 180: Configuring the DNS Proxy Service3
- Page 181 and 182: Configuring the DNS Proxy ServiceYo
- Page 183 and 184: CHAPTER 10Creating Aliases andImple
- Page 185 and 186: Using AliasesGroupfireboxtrustedopt
- Page 187 and 188: How User Authentication WorksHow Us
- Page 189 and 190: Defining Firebox Users and Groups f
- Page 191 and 192: Defining Firebox Users and Groups f
- Page 193 and 194: Configuring RADIUS Server Authentic
- Page 195 and 196: Configuring CRYPTOCard Server Authe
- Page 197 and 198: Configuring SecurID AuthenticationC
Chapter 8: Configuring Filtered ServicesAdding addresses or users to servicepropertiesBoth the Incoming and Outgoing properties include Fromand To address lists. Use the Add Address dialog box toadd a network, IP address, or specific user to a given service.1 In the Properties dialog box, use the Incoming serviceConnections Are drop-down list to select Enabled andAllowed.2 Click either the Incoming tab or Outgoing tab. Clickthe Add button underneath the From or the To list.The Add Address dialog box appears, as shown in the followingfigure.3 Click Add Other.The Add Member dialog box appears.4 From the Choose Type drop-down list, click the type ofaddress, range, host name, or user you want to add.5 In the Value text box, type the actual address, range, orname. Click OK.The member or address appears in the Selected Members andAddresses list.126 <strong>WatchGuard</strong> <strong>Firebox</strong> <strong>System</strong>