[Nebula] Is it possible to allow GeoIP for VPN connection?
Zyxel_Stanley
Posts: 1,377 
Zyxel Employee
Zyxel Employee
Question:
How can I configure my VPN to only allow traffic from specific countries?
Answer:
You can set up a Policy Control rule to allow IKE/ESP traffic from specific countries. Here’s how you can do it:
- Navigate to Site-wide > Configure > Firewall > Security Policy.
- Create the necessary rules for the specific country:
#1: VPN_Allow
Source: Taiwan, Destination: Device, Service port: UDP 500/4500, Action: Allow.
#2: VPN_Block
Source: Any, Destination: Device, Service port: UDP 500/4500, Action: Deny.
This configuration allows traffic from Taiwan and blocks VPN traffic from all other countries.
Tagged:
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 383 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight