[Nebula] Is it possible to allow GeoIP for VPN connection?
Zyxel_Stanley
Posts: 1,386 
Zyxel Employee
Zyxel Employee
Question:
How can I configure my VPN to only allow traffic from specific countries?
Answer:
You can set up a Policy Control rule to allow IKE/ESP traffic from specific countries. Here’s how you can do it:
- Navigate to Site-wide > Configure > Firewall > Security Policy.
- Create the necessary rules for the specific country:
#1: VPN_Allow
Source: Taiwan, Destination: Device, Service port: UDP 500/4500, Action: Allow.
#2: VPN_Block
Source: Any, Destination: Device, Service port: UDP 500/4500, Action: Deny.
This configuration allows traffic from Taiwan and blocks VPN traffic from all other countries.
Tagged:
0
Categories
- All Categories
- 415 Beta Program
- 2.5K Nebula
- 152 Nebula Ideas
- 101 Nebula Status and Incidents
- 5.8K Security
- 296 USG FLEX H Series
- 281 Security Ideas
- 1.5K Switch
- 77 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.5K Consumer Product
- 254 Service & License
- 396 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 87 About Community
- 76 Security Highlight