Is there any way to have it alert for every IP? I tried setting it to High, which says (every IP), but still when I accept 1 IP it accepts all of them until I restart.
Hi high6, Very High alerts and creates rules (in Custom Policy Mode) for IPs, not High. Did you mean Very High?
edit: missed a fairly important couple of words.
Yes I meant very high.
You can make a Global Rule to do this for you. First go to Firewall → Advanced → Network Security Policy → Global Rules → Add → a new box opens → choose Use a custom policy → now fill in the following:
Description: Ask all IP rule
Source address: Any
Destination address: Any
IP details → Any.
When done push apply. Then make sure the rule is somewhere above the basic block rule(s) at the bottom. You can simply drag and drop the rule for this purpose.
To make the rules work like you want keep the following in mind:
- Rules are read from the top to the bottom in general (both Global Rules and Application Rules)
- Incoming traffic first goes through the Global Rules and then meets the Application Rules
- Outgoing traffic first goes through the Application Rules and then through Global Rules
I hope this brings some clarity.
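The ordering points in the post above, modelled as a small Python sketch. This is an added example, not part of the original thread and not Comodo's code. It assumes that the first matching rule in each list decides, that a list with no match passes the traffic on, and that the "Ask all IP rule" uses an ask action; the `Rule` and `evaluate` names and all addresses are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass
class Rule:                 # hypothetical model of one firewall rule
    action: str             # "allow", "block" or "ask"
    direction: str          # "in", "out" or "any"
    src: str = "any"        # "any" or a CIDR network
    dst: str = "any"
    note: str = ""

def _addr_ok(spec, addr):
    return spec == "any" or ip_address(addr) in ip_network(spec)

def first_match(rules, direction, src, dst):
    """Walk one rule list top to bottom; the first matching rule decides."""
    for rule in rules:
        if (rule.direction in ("any", direction)
                and _addr_ok(rule.src, src) and _addr_ok(rule.dst, dst)):
            return rule
    return None

def evaluate(global_rules, app_rules, direction, src, dst):
    """Return (verdict, trace) for one connection attempt.

    Incoming traffic meets Global Rules, then Application Rules;
    outgoing traffic meets them in the reverse order.
    """
    stages = [("global", global_rules), ("application", app_rules)]
    if direction == "out":
        stages.reverse()
    trace = []
    for name, rules in stages:
        rule = first_match(rules, direction, src, dst)
        action = rule.action if rule else "allow"   # assumption: no match passes on
        trace.append((name, action, rule.note if rule else "no match"))
        if action != "allow":                       # block, or an alert is raised
            return action, trace
    return "allow", trace

# Constructed sample policy (documentation addresses, not real hosts).
ASK_ALL = Rule("ask", "any", note="Ask all IP rule")
BLOCK_IN = Rule("block", "in", note="basic block rule")
APP_RULES = [Rule("allow", "out", note="browser outbound")]
ASK_ABOVE_BLOCK = [ASK_ALL, BLOCK_IN]   # placement recommended in the post
ASK_BELOW_BLOCK = [BLOCK_IN, ASK_ALL]   # ask rule is never reached for incoming

if __name__ == "__main__":
    for label, rules in (("above", ASK_ABOVE_BLOCK), ("below", ASK_BELOW_BLOCK)):
        print(label, evaluate(rules, APP_RULES, "in", "203.0.113.7", "192.168.1.10"))
```

With the ask rule below the block rule, incoming traffic is blocked before the ask rule is ever read, which is why the post says to drag it above the block rule(s).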