ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual
Firewall Protection 4-3
v1.0, April 2010
The firewall rules for blocking and allowing traffic on the VPN firewall can be applied to a 
combination of LAN-WAN traffic, DMZ-WAN traffic, and LAN-DMZ traffic. 
The maximum number of supported outbound rules is 300, and the maximum number of supported 
inbound rules is 300. The total number of supported inbound and outbound rules is therefore 600. 
Per traffic rule category (LAN WAN, DMZ WAN, or LAN DMZ), you can configure a total of 
200 rules in any combination of outbound and inbound rules. However, the maximum number of 
outbound rules for all three categories cannot exceed 300. Similarly, the maximum number of 
inbound rules for all three categories cannot exceed 300.
Services-Based Rules
The rules to block traffic are based on the traffic’s category of service:
• Outbound rules (service blocking). Outbound traffic is normally allowed unless the firewall 
is configured to disallow it.
• Inbound rules (port forwarding). Inbound traffic is normally blocked by the firewall unless 
the traffic is in response to a request from the LAN side. The firewall can be configured to 
allow this otherwise blocked traffic.
• Customized services. Additional services can be added to the list of services in the factory 
default list. These added services can then have rules defined for them to either allow or block 
that traffic (see “Adding Customized Services” on page 4-31).
• Quality of Service (QoS) priorities. Each service has its own native priority that impacts its 
quality of performance and tolerance for jitter or delays. You can change the QoS priority, 
which changes the traffic mix through the system (see “Creating Quality of Service (QoS) 
Profiles” on page 4-34).
Table 4-1.  Number of Supported Firewall Rule Configurations
Traffic Rule                        Maximum Number of   Maximum Number of   Maximum Number of
                                    Outbound Rules      Inbound Rules       Supported Rules
LAN WAN                             200                 200                 200
DMZ WAN                             200                 200                 200
LAN DMZ                             200                 200                 200
Maximum Number of Supported Rules   300                 300                 600
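The per-category and per-direction limits in Table 4-1 interact: a plan can stay under 200 rules in every category and still exceed the 300-rule outbound or inbound ceiling. The following check is an added example, not part of the NETGEAR manual; the function name, the tuple format for a planned rule, and the sample plan are assumptions made for illustration.

```python
from collections import Counter

# Limits taken from Table 4-1 on this page.
PER_CATEGORY_MAX = 200   # outbound + inbound combined, per traffic rule category
PER_DIRECTION_MAX = 300  # outbound (or inbound) summed over all three categories
CATEGORIES = ("LAN WAN", "DMZ WAN", "LAN DMZ")
DIRECTIONS = ("outbound", "inbound")


def check_rule_plan(rules):
    """Return a list of limit violations for a planned rule set.

    `rules` is an iterable of (category, direction) tuples, one per
    planned firewall rule (hypothetical format). An empty list means
    the plan fits within the documented limits.
    """
    by_category = Counter()
    by_direction = Counter()
    problems = []
    for category, direction in rules:
        if category not in CATEGORIES or direction not in DIRECTIONS:
            problems.append(f"unknown rule type: {category!r}/{direction!r}")
            continue
        by_category[category] += 1
        by_direction[direction] += 1

    # Each category may hold at most 200 rules in any outbound/inbound mix.
    for category in CATEGORIES:
        if by_category[category] > PER_CATEGORY_MAX:
            problems.append(
                f"{category} total {by_category[category]} exceeds limit {PER_CATEGORY_MAX}")
    # Across all categories, each direction is capped at 300 rules.
    for direction in DIRECTIONS:
        if by_direction[direction] > PER_DIRECTION_MAX:
            problems.append(
                f"{direction} total {by_direction[direction]} exceeds limit {PER_DIRECTION_MAX}")
    return problems


# Constructed sample plan: every category is under 200 rules,
# but the outbound rules add up to 330.
plan = ([("LAN WAN", "outbound")] * 180
        + [("DMZ WAN", "outbound")] * 150
        + [("LAN DMZ", "inbound")] * 40)

if __name__ == "__main__":
    for problem in check_rule_plan(plan):
        print(problem)
```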