Hi all,
I'm trying to block certain IP ranges from being able to hit my VPN tunnels. I've tried L7 firewall rules and they just get ignored.
Does anyone know how to configure inbound firewall rules for ports not handled by Port Forwarding/NAT rules?
Thanks,
Anthony
For IPsec, you can configure layer 3 rules; for AnyConnect, you can allow just the networks that clients need to access.
Thanks, I was after a block list, not an allow list. However, I've managed to do what I wanted by getting support to enable the inbound firewall rules config.
It's not to allow, it's just to define what subnets users can access through the VPN. You can use the outbound rules to achieve it; look at the article that I sent to you.
That's not quite what I was trying to achieve. Basically, lots of random addresses are probing my open ports, so I'm trying to restrict what external IPs can access my VPN port (pre-authentication), so I wanted access to inbound firewall rules. After speaking to support, they have enabled the option and now I can block at will.
👍