[Nebula] Is it possible to allow GeoIP for VPN connection?

Zyxel_Stanley
Posts: 1,388
Zyxel Employee





Question:
How can I configure my VPN to only allow traffic from specific countries?
Answer:
You can set up a Policy Control rule to allow IKE/ESP traffic from specific countries. Here’s how you can do it:
- Navigate to Site-wide > Configure > Firewall > Security Policy.
- Create the necessary rules for the specific country:
#1: VPN_Allow
Source: Taiwan, Destination: Device, Service port: UDP 500/4500, Action: Allow.
#2: VPN_Block
Source: Any, Destination: Device, Service port: UDP 500/4500, Action: Deny.
This configuration allows traffic from Taiwan and blocks VPN traffic from all other countries.
Tagged:
0
Categories
- All Categories
- 431 Beta Program
- 2.6K Nebula
- 165 Nebula Ideas
- 112 Nebula Status and Incidents
- 6K Security
- 364 USG FLEX H Series
- 292 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 262 Service & License
- 407 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 83 Security Highlight