How to modify Firewall Access Rules using CLI
03/26/2020 51 People found this article helpful 401,257 Views
Description
Modifying Firewall Access Rules using the command line interface.
This article focuses on using CLI access to modify Firewall Access Rules.
If for example we do not have access to the unit's GUI or a newly created Access Rule blocks access to the unit, there is the possibility to change or disable/enable the rules.
Resolution
Step 1: Log into the appliance using a terminal software like puTTY.
Step 2: Type
configure
and hit Enter in order to enter the configuration mode.
Step 3: In order to see the Firewall Access Rules created on the unit please type show access-rules
and hit Enter.
This will display all the Firewall Access rules one by one with their id number.
The id number will be useful for modifying the rules, so once you find the rule you would like to change, please note down the ID.
By pressing the space bar you can skip from one rule to the next.
Step 4: In our case the rule we want to change has th ID 17.
To see the rule you may also type show access-rule uuid 17
and hit Enter.
As you can see below this is a deny rule from LAN to WAN to the destination of a FQDN object "wp.pl".
Step
5: In our case we want to disable the rule.
In order to do so we need to type access-rule uuid 17
and hit Enter. Step 6:
Then type no enable
and hit Enter, then type commit
and hit Enter once again.
Step 7: Finally, type exit
and hit Enter in order to exit the config session.
Then, close puTTY. The changes are applied and the rule is disabled.
Additionally, once you are in the configuration section of a specific rule, you can hit Tab in order to display all other Access Rule Commands that can be used.
Related Articles
Categories
Was This Article Helpful?
YESNO