The IP addresses section contains the list of IP address ranges that can be used in NGFW rules. A predefined address list is supplied with the product. The administrator can add the desired items during use. To add a new address list, follow these steps:
Name |
Description |
---|---|
Step 1. Create a list. |
In the Groups pane, click Add and give a name to the IP address list. |
Step 2. (Optional) Specify the list update address. |
Specify the address of the server where the updatable list is stored. For more details on updatable lists, see later in this chapter. |
Step 3. Add IP addresses. |
In the Selected group addresses pane, click Add and enter the addresses. An IP address entry can be in the form of an individual IP address, IP address/subnet mask, or IP address range (192.168.1.5, 192.168.1.0/24, or 192.168.1.5-192.168.2.100, respectively). |
The administrator can create custom IP-address lists and distribute them centrally to all UserGate firewalls. To create such a list, follow these steps:
Name |
Description |
---|---|
Step 1. Create a file with the desired IP addresses. |
Create a file named list.txt with the IP address list. The address list is written to a plain text file in a column without any punctuation. Example: x.x.x.x y.y.y.y z.z.z.z |
Step 2. Create an archive containing this file. |
Put the file in a ZIP archive named list.zip. |
Step 3. Create a version file for the list. |
Create a file named version.txt and specify the list version number inside it, such as 3. On each update of the list, the version number must be incremented. |
Step 4. Upload the files to a web server. |
Upload the list.zip and version.txt files to your website so that they can be downloaded. |
Step 5. Create an IP address list and specify an update URL for it. |
On each NGFW, create an IP address list. When creating the list, select Updatable as the list type and enter the address for downloading updates. When creating the list, select Updatable as the list type and enter the address for downloading updates. Note The list URL format is http://x.x.x.x/ or ftp://x.x.x.x/.
The schedule can be configured in the list properties. The available options are:
With the Advanced option, a crontab-like format is used where the date/time string consists of six space-separated fields. The fields specify the time as follows: (minutes: 0-59) (hours: 0-23) (days of the month: 1-31) (month: 1-12) (days of the week: 0-6, where 0 is Sunday). Each of the first five fields can be defined using:
|