Managing firewall templates

You can view the table of firewall templates in the SD-WAN →Firewall templates section. By default, the Default firewall template is created, which forms the basis for other firewall templates you create. Information about firewall templates is displayed in the following columns of the table:

• Name is the name of the firewall template.
• Usage specifies whether the CPE devices use the firewall template:
  • Yes
  • No
• Owner is the name of the user that created the firewall template.
• Last update is the date and time when the firewall template settings were last modified.

The actions that you can perform with the table are described in the Managing solution component tables instructions.

You can select an assigned firewall template to have it preselected when adding or manually registering a CPE device.

You can manage firewall template settings on the following tabs:

• General settings contains basic settings of the firewall.
• Rules contains firewall rules.
• NAT contains network address translation settings. The following tabs are displayed on this tab:
  • DNAT contains DNAT rules.
  • SNAT contains SNAT rules.
• Zones forwarding contains forwardings between firewall zones.
• IP sets contains IP sets.

Creating a firewall template

To create a firewall template:

1. Go to the SD-WAN → Firewall templates section.

   A table of firewall templates is displayed.

2. In the upper part of the page, click + Firewall template.
3. This opens a window; in that window, enter the name of the firewall template.
4. Click Create.

The firewall template is created and displayed in the table.

You need to configure the created firewall template. For details on managing firewall templates, see Managing firewall templates.

Selecting an assigned firewall template

You can select an assigned firewall template to have it preselected when adding or manually registering a CPE device.

To select an assigned firewall template:

1. Go to the SD-WAN → Firewall templates section.

   A table of firewall templates is displayed.

2. Click the firewall template which you want to make the assigned firewall template.

   The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the General settings tab is selected, which displays the main settings of the firewall template.

3. In the upper part of the settings area, under Actions, click Set as designated.

The firewall template becomes the assigned firewall template.

Importing a firewall template

You can export a firewall template and subsequently import it into another firewall template. Firewall template settings are specified in accordance with the settings of the imported firewall template. During import, you can select the tabs that you want to leave unchanged. A firewall template into which another firewall template is imported remains applied to CPE devices, but the settings of those CPE devices are not modified.

To import a firewall template:

1. Go to the SD-WAN → Firewall templates section.

   A table of firewall templates is displayed.

2. Click the firewall template that you want to export.

   The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the General settings tab is selected, which displays the main settings of the firewall template.

3. In the upper part of the settings area, under Actions, click Export.

   An archive in the TAR.GZ format is saved on your local device. The archive does not contain information about CPE devices using the firewall template.

4. Click the firewall template into which you want to import another firewall template.

   The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the General settings tab is selected, which displays the main settings of the firewall template.

5. In the upper part of the settings area, under Actions, click Import.
6. This opens a window; in that window, clear the check boxes next to the firewall template tabs that you want to leave unchanged after import.
7. In the File field, specify the path to the TAR.GZ archive.
8. Click Import.

Firewall template settings are modified in accordance with the settings of the imported firewall template.

Cloning a firewall template

You can clone a firewall template to create an identical firewall template with a different name.

To clone a firewall template:

1. Go to the SD-WAN → Firewall templates section.

   A table of firewall templates is displayed.

2. Click the firewall template that you want to clone.

   The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the General settings tab is selected, which displays the main settings of the firewall template.

3. In the upper part of the settings area, under Actions, click Clone.
4. This opens a window; in that window, enter the name of the new firewall template.
5. Click Clone.

A clone of the firewall template with the new name is created and displayed in the table.

Viewing the usage of a firewall template

If necessary, you can see which CPE devices are using the firewall template. For example, if a firewall template is in use, it cannot be deleted.

To see if a firewall template is being used:

1. Go to the SD-WAN → Firewall templates section.

   A table of firewall templates is displayed.

2. Click the firewall template for which you want to view usage information.

   The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the General settings tab is selected, which displays the main settings of the firewall template.

3. In the upper part of the settings area, under Actions, click Show associated CPEs.

This opens a window with a table of CPE devices that are using the firewall template.

Deleting a firewall template

You cannot delete a firewall template if it is being used by at least one CPE device. To delete a firewall template that is being used by CPE devices, you must first change the firewall template of the CPE devices. You can see which CPE devices are using the firewall template.

Deleted firewall templates cannot be restored.

To delete a firewall template:

1. Go to the SD-WAN → Firewall templates section.

   A table of firewall templates is displayed.

2. Click the firewall template that you want to delete.

   The settings area is displayed in the lower part of the page. You can expand the settings area to fill the entire page by clicking the expand icon . By default, the General settings tab is selected, which displays the main settings of the firewall template.

3. In the upper part of the settings area, under Actions, click Delete.
4. In the confirmation window, click Delete.

The firewall template is deleted and is no longer displayed in the table.