[Nebula] Is it possible to allow GeoIP for VPN connection?
Options
Zyxel_Stanley
Posts: 1,435 
Zyxel Employee
Zyxel Employee
Question:
How can I configure my VPN to only allow traffic from specific countries?
Answer:
You can set up a Policy Control rule to allow IKE/ESP traffic from specific countries. Here’s how you can do it:
- Navigate to Site-wide > Configure > Firewall > Security Policy.
- Create the necessary rules for the specific country:
#1: VPN_Allow
Source: Taiwan, Destination: Device, Service port: UDP 500/4500, Action: Allow.
#2: VPN_Block
Source: Any, Destination: Device, Service port: UDP 500/4500, Action: Deny.
This configuration allows traffic from Taiwan and blocks VPN traffic from all other countries.
Tagged:
0
Categories
- All Categories
- 442 Beta Program
- 2.9K Nebula
- 217 Nebula Ideas
- 127 Nebula Status and Incidents
- 6.4K Security
- 574 USG FLEX H Series
- 344 Security Ideas
- 1.7K Switch
- 84 Switch Ideas
- 1.4K Wireless
- 52 Wireless Ideas
- 6.9K Consumer Product
- 297 Service & License
- 472 News and Release
- 90 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.8K FAQ
- 34 Documents
- 87 About Community
- 102 Security Highlight