I just got our new Firebox x550e to set up as a simple firewall to protect some web servers, and the documentation can be a bit daunting since (for now) we're only using it as a firewall.
A couple basic questions - maybe Leythos will see this?
I assume that, by default, all traffic from external to trust is blocked, and that by adding policies I'm allowing certain traffic through. So by setting a policy for ANY to TRUSTED port 80/TCP I'm letting any external traffic to HTTP.
One question I have in the policy section is they have groups listed as "ANY EXTERNAL" and "EXTERNAL" - what's the difference with the "ANY" in front?
Also regarding firewall rules - assuming my interpretation of the above example for port 80 is correct, how would I then add a block to another specific network or networks? For example, allow any to port 80 except 126.96.36.199/7 and 188.8.131.52/8? I'm used to MikroTik where I can visually coordinate my rules top to bottom, but I'm still getting used to the WatchGuard software.
Final question for now has to do with remote management. One of the locations from which I'll need access to the firewall and the servers behind it is my home office - which does not have a static IP. Is there a way that I can access the firewall via the System Manager 9.1 software even with the static IP? I see that I could add all of my ISP's networks to the allow access to the Firebox itself policy - and that would at least limit potential attacks to those with the same ISP, who find the Firebox, who have the Firebox software and who crack my admin password.
What I really need to be able to do is access certain ports from my home office (i.e. MySQL, remote access). Maybe there's a completely different / better way to do that than getting in remotely to the firewall and adding my current non-static IP to allow access to those ports?