Citrix SD-WAN

Global firewall settings

Once you have created the firewall policy templates you can use this policy to configure firewall settings for NetScaler SD-WAN Network. Using the Global firewall settings, you can configure the global firewall parameters, these settings are applied to all the sites on the virtual WAN network.

To configure global firewall settings:

  1. In the Configuration Editor, navigate to Global > Network Settings and click the edit icon. localized image

  2. In the Global Firewall Settings section, select values for the following options: - Global Policy Template - Select a firewall policy template to be applied to all the appliances in the SD-WAN network, Default Firewall Actions - Select Allow to allow packets not matching the filter policy. Select Drop, to drop the packets not matching the filter policy, Default Connection State Tracking - This enables directional connection state tracking for TCP, UDP and ICMP flows that do not match a filter policy or NAT rule. This blocks asymmetric flow, even when there are no firewall policies defined.

  3. Click Apply.

Note

You can also configure these settings at the site level, this will override the global setting.

Global firewall settings