New Member
Posts: 1
Registered: ‎10-25-2016

VPN Firewall

Hi Community.

I have an EdgeMax POE.

I created a site-to-site VPN to a Cisco ASA5515.

I want to create a firewall rule, so I can control what the ASA end can access.

Can someone help me?

Veteran Member
Posts: 6,033
Registered: ‎03-24-2016
Kudos: 1587
Solutions: 681

Re: VPN Firewall

The auto-firewall-nat-exclude thingy already opens WAN_IN for all traffic.

The easiest way to filter is to add a firewall ruleset on LAN_OUT:

Default action allow

rule 1: established/related

rule 2 onwards: Source IP = remote network. Allow access to your internal port(s)/server(s)

rule 100: Source IP = remote network. action=block
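
The ruleset outlined in the reply above, written out as EdgeOS configure-mode commands. This is an added example, not part of the original post; the remote (ASA-side) network 10.20.0.0/24, the internal server 192.168.1.10 on TCP 443, and eth1 as the LAN interface are all assumed placeholder values.

```edgeos
configure

# LAN_OUT filters traffic leaving the router toward the LAN.
# Default stays "accept" so traffic from other sources is unaffected.
set firewall name LAN_OUT default-action accept

# Rule 1: allow return traffic for connections that are already tracked.
set firewall name LAN_OUT rule 1 action accept
set firewall name LAN_OUT rule 1 description "Allow established/related"
set firewall name LAN_OUT rule 1 state established enable
set firewall name LAN_OUT rule 1 state related enable

# Rule 10: the one service the remote site may reach (assumed values).
set firewall name LAN_OUT rule 10 action accept
set firewall name LAN_OUT rule 10 description "Remote site to internal HTTPS server"
set firewall name LAN_OUT rule 10 source address 10.20.0.0/24
set firewall name LAN_OUT rule 10 destination address 192.168.1.10
set firewall name LAN_OUT rule 10 destination port 443
set firewall name LAN_OUT rule 10 protocol tcp

# Rule 100: everything else from the remote network is dropped.
# EdgeOS calls the "block" action either drop (silent) or reject.
set firewall name LAN_OUT rule 100 action drop
set firewall name LAN_OUT rule 100 description "Drop all other remote-site traffic"
set firewall name LAN_OUT rule 100 source address 10.20.0.0/24
set firewall name LAN_OUT rule 100 log enable

# Attach the ruleset in the "out" direction on the LAN interface (assumed eth1).
set interfaces ethernet eth1 firewall out name LAN_OUT

commit
save
exit
```

Rules are evaluated in ascending number order, so every allow rule for the remote network has to sit below 100. With logging enabled on rule 100, dropped packets from the remote site show up in the router's log, which helps confirm the filter is matching.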