Default IP addresses groups:
Public IP Addresses. This group contains all IP addresses except for private IP addresses.
Private IP Addresses. This group contains all IP addresses of local networks: 10.0.0.0; 172.16.0.0; 192.168.0.0.
Default protocol groups:
ViPNet Cluster is a group where the UDP protocol with the source and destination ports 2060 is specified in contents. It is used in the Service ViPNet packets private network filter for ViPNet Cluster. This protocol group and this filter are displayed only if the ViPNet Cluster software is installed on your host.
NetBIOS and WINS Service is a group where the UDP protocol with the source and destination ports 137 and the UDP protocol with the source and destination ports 138 are specified in contents. It is used in the Allow NetBIOS and WINS private network and public network filters.
DHCP Service is a group where two UDP protocols are specified in the contents. One of them has the source port 67 and the destination port 68. The other one has the source port 68 and the destination port 67. It is used in the Allow DHCP private network and public network filters. Default schedules groups:
Weekend days is a group with a schedule where weekends (Saturday and Sunday) are specified.
Work week is a group with a schedule where working days (from Monday to Friday) are specified.
Creating and Editing Object Groups
To create a new object group:
1 In the main ViPNet Monitor window, in the navigation pane, select Object Groups.
2 In the view pane, click the link corresponding to the type of the object group you are creating, or, in the navigation pane, go to the corresponding subsection.
3 In the view pane, click Create.
The object group properties dialog box will be displayed. Specify the new group's parameters. 4 In the General Options section, specify the name of the new object group. A group name must be
unique.
5 In the Contents section, specify the contents of the group you are creating. When you are creating a group of the following type:
o ViPNet Hosts, specify the ViPNet hosts that should be included in this group. For more
information, see Adding ViPNet Hosts (on page 140).
You may also include built-in object groups All coordinators and All clients (see Built-in Object Groups on page 134) into the ViPNet Hosts group.
Figure 58. Creating ViPNet hosts group contents
o IP Addresses, specify separate IP addresses, an IP addresses range or subnetwork, or DNS
names. For more information, see Adding IP Addresses and DNS Names (on page 141).
Figure 59. Creating IP addresses group contents
o Interfaces, specify an IP address of an interface or a group of interfaces. For more information
about adding network interfaces' IP addresses, see Adding IP Addresses and DNS Names (on page 141).
You may also include your host's available interfaces into a group of interfaces. In this case, you do not have to specify their IP addresses; just select them on the Add menu.
Figure 60. Creating interface group contents
o Protocols, specify protocols and, if necessary, port numbers. For more information, see Adding
Protocols (on page 142).
Figure 61. Creating protocols group contents
o Schedules, compose a schedule of days of the week or time ranges. You may use such
schedules later to limit the length of network filters action. For more information, see Adding Schedules (on page 143).
Figure 62. Creating schedules group contents
Note: Each object group may include subgroups of objects of the same type, in other words, you may nest groups of the same type (see Object Groups Nesting on page 144).
Moreover, you may add the All objects system group to any object group, for example, when you need to create a group including all objects but some exceptions.
6 In the Exceptions section, specify exceptions from the object group section, in other words, the objects that should not be present in the object group. For example, to create a group of protected hosts consisting of all coordinators except for one, you should add the built-in group All
coordinators to the contents, and then specify that coordinator as an exception. You may specify another object group of the same type as an exception, too. Exceptions are created in the same way as object groups' contents.
Note: You do not need to edit the Usage section. A list of filters using this object group is displayed there. When you are creating a new object group, this section is empty. 7 Click OK to complete the task.
As a result, the newly created group will be displayed in the list of object groups of the selected type.
If you create an object group and do not specify its contents, such a group will be considered empty. We do not recommend you to use empty groups in network filters, because the filters will not be applied in that way.
To edit group properties, select this group in the corresponding object group subsection and double- click it or click Properties. After you edit general properties of the group or the items included in it, in the group properties dialog box, click OK.
To delete an object group, select it in the corresponding subsection and click Delete. Confirm group deletion. If the object group you are deleting is used by any network filters or NAT rules or if it is nested
message window, click Show Details and view, in which objects this group is used, then remove the group from these objects and repeat deletion.
Figure 63. An object group cannot be deleted
To enable the created or modified object groups, in the object groups section, click Apply all. In the displayed window, within 30 seconds, confirm saving the changes. If you do not want to save the changes, click Cancel.