Default Outgoing firewall rule

The firware comes with a default Outgoing TCP-UDP tcp:0 udp:0 firewall rule. It seems like traffic will go out via this rule if it's defined, is it safe to delete or disable this rule?


  • Options

    Safe - sure - but anything currently being allowed by this policy won't be allowed any more.
    My recommendation is to turn on Logging on this policy and review what it allows in Traffic Monitor, and then decide if whatever is allowed is desired/needed or not.
    Then add add policies to allow the desired/needed traffic, prior to disabling or deleting this policy.

  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    The biggest thing that you'll want to make sure you make a rule for is DNS traffic -- there isn't one by default, and you won't be able to get to anything without resolving DNS.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.