[Nebula] Is it possible to allow GeoIP for VPN connection?

Options
Zyxel_Stanley
Zyxel_Stanley Posts: 1,373  Zyxel Employee
First Anniversary 10 Comments Friend Collector First Answer
edited May 13 in VPN

Question:
How can I configure my VPN to only allow traffic from specific countries?

Answer:
You can set up a Policy Control rule to allow IKE/ESP traffic from specific countries. Here’s how you can do it:

  1. Navigate to Site-wide > Configure > Firewall > Security Policy.
  2. Create the necessary rules for the specific country:

#1: VPN_Allow
Source: Taiwan, Destination: Device, Service port: UDP 500/4500, Action: Allow.

#2: VPN_Block
Source: Any, Destination: Device, Service port: UDP 500/4500, Action: Deny.

This configuration allows traffic from Taiwan and blocks VPN traffic from all other countries.

Tagged: