INTRODUCTION


Adding a firewall rule is a common question, but the process itself is simple and easy to do. By default, Sonar blocks EVERYTHING. If you want to allow something, you only have to create a rule allowing that something. There is no need to create any Block or Deny rules on Sonar.

Firewall rules can be applied at two different levels: Group level or System level. A Group rule takes priority over a System rule and is applied only to the selected groups; that is, the firewall rule applies only to users who are members of that group and who are authenticated against it. If someone was already logged into Sonar before the Group firewall rule was created, they will need to log in again for the Group rule to take effect. System rules, on the other hand, apply system-wide and affect everyone.


ADDING THE RULE 


Let's use a System rule as an example. The rule we want to create allows our entire network to ping out to the internet.


  1. In the GUI, navigate to Groups -> System -> Rules -> Access.
  2. Click "Add New" to begin creating a new firewall rule.
  3. In the top section you will see "Sources". Click the "+" button to add an object. The Source of this rule is the subnet of our internal network, in this case "10.0.0.0/8". You will also have to make sure that the network object has a "PAT" outbound NAT rule so that we can go out onto the internet.
  4. In the "Destinations" section, click the "+" button and add "Any" as the destination. The Destination is where you want the traffic to go. In this case we want to be able to ping anything, so "Any" is appropriate.
  5. In the "Rules" section, add the rule object to apply to this firewall rule. In this case we want to allow ICMP, so click the "+" button and add the rule "Allow ICMP". If you don't have this rule, you will have to create it; see Adding Rule Objects for more information.
  6. Click "OK" to create the rule. Because an outbound NAT property is set on the Source, you will be prompted to "auto-generate translation rules". Answer "yes", as we want to be able to talk out to the internet.
  7. Test the rule. If you can ping public addresses (such as 8.8.8.8) or domain names (such as google.com), the rule is in effect and working.
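The following is an added example, not Sonar's own code, that models the policy behaviour described in the introduction and in the steps above: default block, allow-only rules made of Sources, Destinations and rule objects, Group rules that apply only to users authenticated against that group and are consulted before System rules, and the requirement that a Source object carry a PAT outbound NAT rule before internet-bound traffic can pass. The class names (NetworkObject, Rule, Packet), the has_pat_outbound_nat flag and the evaluate() function are assumptions made for the illustration; only the rule shape and the "10.0.0.0/8" / "Any" / "Allow ICMP" values come from the page.

```python
"""Toy model of a default-deny, allow-only firewall policy in the style described on this page.
Added example: not Sonar's own code. All class and function names are assumptions."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple, Union

ANY = "Any"  # stands in for the GUI's "Any" destination object


@dataclass
class NetworkObject:
    name: str
    cidr: str
    has_pat_outbound_nat: bool = False  # assumed flag modelling the "PAT" outbound NAT rule on the object

    def contains(self, ip: str) -> bool:
        return ipaddress.ip_address(ip) in ipaddress.ip_network(self.cidr)


@dataclass
class Rule:
    name: str
    sources: List[NetworkObject]
    destinations: List[Union[NetworkObject, str]]  # NetworkObject or ANY
    services: Set[str]                              # rule objects, e.g. {"ICMP"}
    level: str                                      # "System" or "Group"
    group: Optional[str] = None                     # only meaningful for Group rules


@dataclass
class Packet:
    src: str
    dst: str
    service: str
    user_groups: frozenset = frozenset()  # groups the sending user is authenticated against


def _matches(rule: Rule, pkt: Packet) -> bool:
    src_ok = any(obj.contains(pkt.src) for obj in rule.sources)
    dst_ok = any(d == ANY or d.contains(pkt.dst) for d in rule.destinations)
    return src_ok and dst_ok and pkt.service in rule.services


def evaluate(rules: List[Rule], pkt: Packet) -> Tuple[str, str]:
    """Return (verdict, reason). Nothing is allowed unless an allow rule matches (default block).
    Group rules are consulted first and only for users authenticated against that group."""
    ordered = [r for r in rules if r.level == "Group"] + [r for r in rules if r.level == "System"]
    for rule in ordered:
        if rule.level == "Group" and rule.group not in pkt.user_groups:
            continue  # not a member / not authenticated against this group
        if not _matches(rule, pkt):
            continue
        # Internet-bound traffic also needs the Source object to carry a PAT outbound NAT rule.
        if not ipaddress.ip_address(pkt.dst).is_private:
            src_obj = next(o for o in rule.sources if o.contains(pkt.src))
            if not src_obj.has_pat_outbound_nat:
                return ("deny", f"{rule.name} matched but Source {src_obj.name} has no PAT outbound NAT")
        return ("allow", rule.name)
    return ("deny", "no allow rule matched (default block)")


def build_example_policy(pat: bool = True) -> List[Rule]:
    """The System rule built in the steps above: 10.0.0.0/8 -> Any, Allow ICMP."""
    internal = NetworkObject("Internal", "10.0.0.0/8", has_pat_outbound_nat=pat)
    return [Rule("Allow ICMP out", [internal], [ANY], {"ICMP"}, "System")]


def build_group_policy() -> List[Rule]:
    """A constructed Group rule (assumed group name "NetAdmins") allowing SSH inside 10.0.0.0/8."""
    internal = NetworkObject("Internal", "10.0.0.0/8")
    return [Rule("Admins SSH", [internal], [internal], {"SSH"}, "Group", group="NetAdmins")]


if __name__ == "__main__":
    policy = build_example_policy()
    # Constructed sample traffic, mirroring the ping test in step 7.
    for pkt in (Packet("10.1.2.3", "8.8.8.8", "ICMP"),
                Packet("10.1.2.3", "8.8.8.8", "TCP/443"),      # no allow rule -> blocked by default
                Packet("192.168.1.5", "8.8.8.8", "ICMP")):     # source outside 10.0.0.0/8
        print(pkt.src, "->", pkt.dst, pkt.service, evaluate(policy, pkt))
    print("without PAT:", evaluate(build_example_policy(pat=False), Packet("10.1.2.3", "8.8.8.8", "ICMP")))
    admin = Packet("10.1.2.3", "10.9.9.9", "SSH", frozenset({"NetAdmins"}))
    print("group member:", evaluate(build_group_policy(), admin))
```

The model makes the page's point concrete: there are no deny rules anywhere in the policy, so anything not explicitly allowed (the TCP/443 packet, the 192.168.1.5 source, the SSH user who is not authenticated against the group) falls through to the default block, and an allow rule on its own is not enough for internet-bound traffic until the Source object has its PAT outbound NAT rule.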