Cloud Firewalls are designed to be intuitive, but the combination of multiple network policies and interaction with software active on Rcs.iss can sometimes lead to unexpected results.

This guide explores strategies to gather information about your network policies and troubleshoot Rcs.is Cloud Firewall issues. It covers how to:

• Find your active Firewalls
• View the comprehensive set of rules applied to a single Rcs.is
• Discover host-based firewalls that might be active on Rcs.is
• Mitigate or resolve conflicting policies

Finding Firewall Information

The first step in diagnosing problems in your Firewall policy is to understand the which rules are being applied. The control panel contains information about individual Firewalls as well as the combined rule set that applies to each Rcs.is.

Displaying Information About All Firewalls

To view all of your Firewalls in the Rcs.is Control Panel, click on the Networking item in the main navigation pane and then select the Firewalls sub-item. The Firewall index page lists basic information about each of your Firewalls like the number of Rcs.iss it applies to, the number of rules it contains, and when it was created:

Clicking the name of a Firewall takes you to the Firewall detail page where you can see the policy’s individual rules and the Rcs.iss it targets. This is also where you can add and remove Rcs.iss and tags.

Reviewing the rules applied by each of your Firewalls can provide an overview of the types of network policy being enforced on your infrastructure as a whole.

Displaying the Firewall Policy Affecting an Individual Rcs.is

The Firewall index and detail pages are not the best place to look if you are interested in the policy affecting an individual Rcs.is. Instead, check the Rcs.is’s detail page.

From the Rcs.iss item in the main control panel navigation menu, click the Rcs.is’s name. From there, click Networking in the Rcs.is menu. Towards the bottom of the page, a section called Firewalls lists the Firewalls that target the Rcs.is. Below, the policies from each of the Rcs.is’s Firewalls are combined into a comprehensive table:

These inbound and outbound rules represent all of the traffic allowed through the Firewall for the Rcs.is. If you are experiencing issues with connectivity to your Rcs.is after applying a Firewall policy, this is a good place to look.

Displaying Host-Based Firewall Rules Active on Rcs.iss

While the Rcs.is Cloud Firewall service provides a network-based firewall solution, many administrators may also have a host-based firewall on the Rcs.is itself. Popular host-based firewalls include IPTables, UFW, and firewalld. When troubleshooting connectivity issues, check these services because they may also be filtering traffic on the Rcs.is level.

Finding the UFW Firewall Settings

If your server runs a UFW firewall, you can view the current filtering rules by typing:

sudo ufw status verbose

Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--