How to edit or delete auto added Access Rule(s) and NAT Policies

Description

As a convenience for administrators, the firewall automatically creates a set of access rules and NAT policies that certain applications need in order to work. By default, these entries cannot be removed or fully edited. If there is an absolute requirement to modify or delete them, the ability can be enabled through the internal settings of the firewall.

Resolution

Resolution for SonicOS 7.X

This release includes significant user interface changes and many new features that are different from SonicOS 6.5 and earlier firmware. The resolution below is for customers using SonicOS 7.X firmware.

CAUTION: Changing system-generated access rules and NAT policies may cause undesired behavior. Before proceeding, it is recommended to export a settings file of the SonicWall firewall. See: How do I save a backup settings file from a SonicWall firewall?

Step 1: Log on to the appliance GUI.

Step 2: After logging in, navigate to the diag page by changing the URL to https://management_IP/Sonicui/7/m/mgmt/settings/diag. Please refer to: How can I access the internal settings of the firewall.

Step 3: Click Internal Settings. The configuration options are displayed.

Step 4: Navigate to Firewall Settings and select the option "Enable the ability to remove and fully edit auto-added access rules". To disable the default auto-added NAT policies, you can also select the option "Enable the ability to disable auto-added NAT policy".

Resolution for SonicOS 6.5

This release includes significant user interface changes and many new features that are different from SonicOS 6.2 and earlier firmware. The resolution below is for customers using SonicOS 6.5 firmware.

CAUTION: Changing system-generated access rules and NAT policies may cause undesired behavior. Before proceeding, it is recommended to export a settings file of the SonicWall firewall. See: How do I save a backup settings file from a SonicWall firewall?

To enable:

  1. Log on to the appliance GUI.
  2. Go to the diag page after login. Do this by changing the URL http://192.168.168.168/main.html to http://192.168.168.168/diag.html.
  3. Click Internal Settings. The configuration options are displayed.
  4. Navigate to Firewall Settings and select the option "Enable the ability to remove and fully edit auto-added access rules".
  5. Below that option, you can also select "Enable the ability to disable auto-added NAT policy".

With this option enabled you can edit/remove auto-added Access Rules.
