Wildcard Devices

Some overlay network configurations require allowing all traffic inbound or outbound to a specific IP. This can be accomplished with a wildcard 0.0.0.0 network device.

Applies to:
2.1.3 and above

A 0.0.0.0 device functions as a wildcard, and when configuring trust, selecting the 0.0.0.0 device applies the trust policy to all devices behind the parent Airwall Gateway. However, there are several things to consider when planning a configuration that uses the 0.0.0.0 wildcard device.

  • Each overlay network can only have one 0.0.0.0 address to avoid the possibility of IP address conflicts.
  • If your Airwall Gateway is running a version prior to 2.1.3, overlay networks containing a 0.0.0.0 device cannot use subnet routing or NAT.
  • Airwall Gateways running version 2.1.3 or above support subnet routing, NAT, and SNAT. It is recommended all Airwall Edge Services in an overlay network with the 0.0.0.0 wildcard device run version 2.1.3 or later.
  • Airwall Agents and Airwall Linux Agents do not support the 0.0.0.0 wildcard device.

How to configure wildcard devices

  1. Go to Airwalls and select an Airwall Edge Service.
  2. Add a new device with the IP address set to 0.0.0.0. See Add devices to the Conductor for more information about adding devices.
  3. Go to Overlays and select the overlay network for which you are configuring trust.
  4. On the Devices tab, click the button for the 0.0.0.0 device, and then select the other devices and groups in the overlay network that require communications with the devices represented by the 0.0.0.0 wildcard device.