
Add and configure a firewall

A firewall is a network security device used to protect servers from network threats. The firewall monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules. You can set rules for all connections except port 25 for outbound traffic as it is blocked by default.

If you use a Load Balancer and your Virtual Machine is in a pool, configure its firewall by opening ports for receiving and transmitting data to the Load Balancer. For more information, refer to our guide "Create and configure a Load Balancer".

Create a firewall

If you don’t create your custom firewall, the default firewall will be used.

1. Open a window to create a firewall. You can do this in two ways:

  • In the Cloud menu, go to Networking > Firewalls > Create firewall.
  • When you’re creating a Virtual Machine, find the Firewall settings section, select Add a Firewall.

 

2. Give your firewall a name. 

3. Set Inbound rules, which define the allowed incoming traffic.
Click New rule and select one of the template rules or choose Custom to apply custom settings.

  • Template rules (All TCP/All UDP/SSH/HTTP/HTTPS/MySQL/DNS UDP/DNS TCP/PostgreSQL): template rules come with pre-configured protocols and ports for typical connections.
  • Custom rule: if you select a custom rule, specify the protocol and port manually.

For Sources, set a specific IP address range in the CIDR format. Otherwise, the rule will be applied to all IP addresses. 

4. Set the Outbound rules, which define the allowed outgoing traffic.

Please note that by default, outbound traffic over port 25 (TCP/UDP) is restricted, while all other outbound ports are open.

Click New rule and select one of the template rules or choose Custom to apply custom settings.

  • Template rules (All TCP/All UDP/SSH/HTTP/HTTPS/MySQL/DNS UDP/DNS TCP/PostgreSQL): template rules come with pre-configured protocols and ports for typical connections.
  • Custom rule: If you select a custom rule, specify the protocol and port manually.

For Sources, set a specific IP address range in the CIDR format. Otherwise, the rule will be applied to all IP addresses. 

5. (optional) Apply a firewall to a Virtual Machine by selecting it in the Apply to Instance drop-down list.

6. (optional) Add tags by switching on the Add tags toggle in the Additional options section and specifying headers and tags. 

7. Click Create firewall.

Use the default firewall

If you don't specify which firewall to apply to your Virtual Machine, the default firewall will be applied.

The default firewall contains inbound rules that allow the following traffic for both IPv4 and IPv6 addresses:

  • SSH connections over the TCP protocol on port 22.

  • Remote Desktop Protocol (RDP) connections over the TCP and UDP protocols on port 3389.

  • Internet Control Message Protocol (ICMP) traffic.

All outgoing connections are allowed.
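
The default inbound rules above, combined with the Sources behaviour described earlier (no CIDR range means the rule applies to all IP addresses), expressed as an audit check. This is an added example, not Gcore code: the rule dictionaries use a hypothetical schema (`protocol`, `port_min`, `port_max`, `source`), not the Gcore API format, and both rule sets are constructed samples.

```python
import ipaddress

# Management ports opened by the default firewall, per the list above.
MANAGEMENT_PORTS = {22: "SSH", 3389: "RDP"}


def is_open_to_all(source):
    """True when a rule has no source, or its CIDR covers every address."""
    if not source:
        return True  # an empty Sources field applies the rule to all IPs
    return ipaddress.ip_network(source, strict=False).prefixlen == 0


def audit_inbound(rules):
    """Return (rule, reason) pairs for inbound rules reachable from anywhere."""
    findings = []
    for rule in rules:
        if not is_open_to_all(rule.get("source")):
            continue
        proto = rule["protocol"]
        if proto == "icmp":
            findings.append((rule, "ICMP allowed from any address"))
            continue
        lo, hi = rule.get("port_min"), rule.get("port_max")
        if lo is None:  # assumption: no port range means all ports (All TCP/UDP)
            lo, hi = 1, 65535
        elif hi is None:
            hi = lo
        exposed = [n for p, n in MANAGEMENT_PORTS.items() if lo <= p <= hi]
        if exposed:
            reason = "/".join(exposed) + " over " + proto + " open to any address"
            findings.append((rule, reason))
    return findings


# Constructed sample: the default rules listed above, with no source restriction.
DEFAULT_LIKE = [
    {"protocol": "tcp", "port_min": 22, "port_max": 22, "source": None},
    {"protocol": "tcp", "port_min": 3389, "port_max": 3389, "source": None},
    {"protocol": "udp", "port_min": 3389, "port_max": 3389, "source": "0.0.0.0/0"},
    {"protocol": "icmp", "source": "::/0"},
]
# Constructed sample: management ports limited to documentation CIDR ranges.
RESTRICTED = [
    {"protocol": "tcp", "port_min": 22, "port_max": 22, "source": "203.0.113.0/24"},
    {"protocol": "tcp", "port_min": 3389, "port_max": 3389, "source": "2001:db8::/32"},
    {"protocol": "tcp", "port_min": 443, "port_max": 443, "source": None},
]

if __name__ == "__main__":
    for rule, reason in audit_inbound(DEFAULT_LIKE):
        print(reason, rule)
```

The HTTPS rule in the second sample is open to all addresses but is not flagged, because the check only reports the management ports and ICMP named in the default firewall.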

Manage a firewall

Add, change and delete rules

1. Go to the Networking tab > Firewalls.

2. Find the required firewall, click the ⋯ menu on the right and select Rules.


Assign to a Virtual Machine and detach from it

1. Go to the Networking tab > Firewalls.

2. Find the required firewall, click the ⋯ menu on the right and select Instances.


Delete a firewall

You can’t delete a default firewall.

1. Go to the Networking tab > Firewalls.

2. Find the required firewall, click the ⋯ menu on the right and select Delete.
