
If 元 firewall rules are configured using FQDNs and the MXs firmware version is downgraded to MX 13.3 or earlier, all pieces of the firewall configuration with FQDNs will be removed. Port ranges cannot be entered comma-separated.

Multiple ports can be entered comma-separated. The Src Port and Dst Port fields support port numbers or port ranges.'"Any" can also be used to specify all networks. FQDN and Domain names are also supported as destinations. Multiple IPs or subnets can be entered comma-separated. Destinations fields support IPs or CIDR subnets.If "Any" is used as as source, it will cover all subnets configured on the MX Addressing & VLANs page. "Any" can also be used to specify all networks. The source IP or CIDR subnet must be from the configured subnets in the MX Addressing & VLANs page. The Sources field support IPs or CIDR subnets.The Protocol field allows you to specify TCP traffic, UDP traffic, ICMPv4/ICMPv6 traffic, or Any.The Rule description can be used to add additional information or a comment about the rule.

The Policy field determines whether the ACL statement permits or blocks traffic that matches the criteria specified in the statement.The newly configured rule will then be applied to subsequent flows to either permit or deny traffic.Ĭlick Add a rule to add a new outbound firewall rule. Configured firewall rules are flow based, this means that once a change is made a flow will continue until that flow times out.
