bluelog Neo
bluelog Neo
Breadcrumbs

Firewall

Last modified:

Implementing a firewall helps protect your system by defining allowed and forbidden network traffic. In the firewall configuration, you can create rules to allow or block traffic between devices and the virtual networks organized under Settings > VLAN. The firewall only affects network traffic via the Ethernet interface of the bluelog.

VCOM USERS If you use VCOM as a backup, note that firewall configurations are not automatically included in VCOM backups. To prevent data loss, we strongly recommend that you:

  • Enable VCOM backup

  • Perform a manual backup before enabling the firewall.

This ensures that all configurations can be restored in case of any incorrect firewall configuration. See also Backup and restore.

Set up firewall rules

Prerequisites

  • You have completed the necessary actions described under VLAN.

  • VCOM USERS You have performed a VCOM backup. See Backup and restore.

Steps

  1. Go to Settings > Firewall and select the Plus to add a rule.

  2. Select the protocol: TCP, UDP, ICMP.

  3. Select the interface from the available network interfaces, including configured VLANs.

  4. Select the direction: incoming or outgoing.

  5. Enter the source IP address. CIDR notation, e.g. “/16", is supported.

  6. Enter the source port. Hover over image-20260120-081055.png Info next to Source port to view the options.

  7. In the Action column, select whether to allow or forbid the action. If forbidden, all network traffic via the Ethernet interface will be blocked.

  8. Optional: Add a Comment for the rule. This helps all users to review and manage the firewall rules, e.g. if you need to re-configure the firewall.

  9. Select image-20260120-080943.png Save to save the rule.

  10. Firewall rule settings are stored until the firewall is activated. When you have entered and reviewed your rules, activate the toggle image-20260120-084719.png Use Firewall to activate the firewall.

The firewall is configured.

Note

To prevent accidental lockout from the web interface, the following ports cannot be configured: 

  • Port 80 (in/out)

  • Port 22 (in/out)

  • Port 443 (in/out)


Further actions

  • Set the order of firewall rules: You can change the order in which the firewall rules are applied by selecting the up/down arrows in the Priority column in the table.

image-20250205-095207.png
Firewall priority rules

  • Edit or Delete a firewall rule: Select the options next to the VLAN name in the list.