# Open Firewall Rule To Public Service To Internet ## **Overview** The default Edge gateway firewall rule on Tenant is set to **Deny all**. We must create firewall rules for traffic to virtual services from the internet. [More detail on edge way firewall.](https://docs.higiocloud.vn/network/1.-working-with-network/using-edge-gateway-firewall) ## **Procedure** {% tabs %} {% tab title="I. Create IP set" %} **Step 1:** Log in to the HI GIO PORTAL as an Organization Administrator and Navigate to **Step 2: Networking > Edge Gateway > Security > IP Sets.** Press **NEW** to define the **IP Set for VIPs.** * ***Name:** type IP Set name (example VIP-Web)* * ***IP Address:** type IP Address or IP Range (this IP for VIP that was created before).*

{% endtab %} {% tab title="II. Create an Edge Firewall Rule" %} **Step 1:** Log in to the HI GIO PORTAL as an Organization Administrator and Navigate to **Networking > Edge Gateway > Services > Firewall.** **Step 2:** Press **EDIT RULES** to add NEW RULE for VIPs**.**

* ***Name:** type Rule name (example Allow\_VSWeb)* * ***Applications:** choose your application types (example: HTTP and HTTPS)* * ***Source:** Any (for internet users)* * ***Destination:** Select **IP Set** configured before (example VS\_192.168.2.10)* * ***Action:** Allow* **Step 3:** Click **Save** to complete EDIT RULES

{% hint style="warning" %} In case we’re using a distributed firewall in our environment. we should create and distribute firewall rules for virtual service and pool {% endhint %} {% endtab %} {% endtabs %}