Dear sir, I want to add a outbound rule to block all computer cannot go any website, but still allow the speedfusion.
I have added a outbound rule which is Deny all LAN IP to webiste already, but it will block all speedfusion traffic?
thanks
Rules are processed top down in order. You would need to make a rule permitting the desired traffic and place it before the block rule.
You may want to use grouped networks to define a list of permitted destinations to make that bit of the configuration simpler and easier to change in the future if necessary.
Perhaps post a screengrab of your existing outbound firewall rules and outbound policies if you want so people could help check the rule ordering and source/destination matching you are doing.
i understand how to create rule, but may i know,it will affect speedfusion pepvpn?
or just only affect wan?
thank
Frankly I am not sure how you epect someone to answer that…
You would need to provide a lot more detail about your filtering, rules, internal addressing etc. although configuring a rule that matches traffic from internal addresses and blocks it from reaching destinations via the WAN should not prevent the router itself establishing a PepVPN tunnel if that is what you mean?
i have created a outgoing rule to deny from any source address to any destination address, so it mean all lan pc cannot go any web
but it still can access my remote vpn lan ip?
thanks
Routing for PepVPN tunnel is provided by OSPF and is higher priority than the outbound policy rules unless you are in expert mode and have your custom rules above the bar that is added to the list when you turn expert mode on.
so,is it mean, if I add any rules in firewall,it will not affect to speedfusion ?
Thanks
Do you mean firewall rules between local and remote networks over Speedfusion? You can use the firewall between these - use internal firewall rules.