[Nebula] Is it possible to allow GeoIP for VPN connection?
Zyxel_Stanley
Posts: 1,379 Zyxel Employee
Question:
How can I configure my VPN to only allow traffic from specific countries?
Answer:
You can set up a Policy Control rule to allow IKE/ESP traffic from specific countries. Here’s how you can do it:
- Navigate to Site-wide > Configure > Firewall > Security Policy.
- Create the necessary rules for the specific country:
#1: VPN_Allow
Source: Taiwan, Destination: Device, Service port: UDP 500/4500, Action: Allow.
#2: VPN_Block
Source: Any, Destination: Device, Service port: UDP 500/4500, Action: Deny.
This configuration allows traffic from Taiwan and blocks VPN traffic from all other countries.
Tagged:
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 147 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight