Have you looked at the feature introduced in FW 7.0.1, “Added ability to select PepVPN sub-tunnels when defining outbound policy with Enforced or Priority algorithms”?
Yes, I have tested that new feature, but it does not solve my problem. I need to block traffic between tunnels. I don't know how I could use sub-tunnels there.
Hi,
I think that can be done with internal (deny) network rules on your central hub.
If your remote sites are configured like
R1: 192.168.40.0/24
R2: 192.168.41.0/24
R3: 192.168.55.0/24
Central Site: 172.16.x.x/16
you can set up a rule that denies traffic from source 192.168.0.0/16 to 192.168.0.0/16. R1-R3 are in the range of these and communication should be blocked.
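
An added example, not part of the original posts and not Peplink code: a small offline check that the single deny rule suggested above blocks every spoke-to-spoke pair while leaving spoke-to-hub traffic alone, and that flags any site numbered outside the denied range. The hub subnet 172.16.0.0/16 (the post gives only 172.16.x.x/16), the first-match/default-allow rule model, the site R4 and all function names are assumptions made for this example.

```python
import ipaddress

# Subnets from the post; the hub is given only as 172.16.x.x/16, so
# 172.16.0.0/16 is an assumed value for this example.
SITES = {
    "R1": "192.168.40.0/24",
    "R2": "192.168.41.0/24",
    "R3": "192.168.55.0/24",
    "Central": "172.16.0.0/16",  # assumption
}

# Ordered rule list, first match wins; default allow is an assumption
# about how the hub treats unmatched inter-site traffic.
RULES = [("deny", "192.168.0.0/16", "192.168.0.0/16")]
DEFAULT = "allow"


def decide(src_net, dst_net, rules=RULES, default=DEFAULT):
    """Return the action for traffic from src_net to dst_net.

    A rule matches only if it covers the whole source and destination
    subnet, so a partially covered site is reported as not matched.
    """
    src = ipaddress.ip_network(src_net)
    dst = ipaddress.ip_network(dst_net)
    for action, rule_src, rule_dst in rules:
        if (src.subnet_of(ipaddress.ip_network(rule_src))
                and dst.subnet_of(ipaddress.ip_network(rule_dst))):
            return action
    return default


def matrix(sites=SITES):
    """Action for every ordered pair of distinct sites."""
    return {(a, b): decide(sites[a], sites[b])
            for a in sites for b in sites if a != b}


def uncovered_spokes(sites, hub="Central"):
    """Spoke pairs the rules still allow, e.g. a site outside 192.168.0.0/16."""
    m = matrix(sites)
    return sorted(p for p, act in m.items() if hub not in p and act == "allow")


if __name__ == "__main__":
    for pair, action in sorted(matrix().items()):
        print(f"{pair[0]:>7} -> {pair[1]:<7} {action}")
    # Constructed case: a fourth site numbered outside the denied range.
    print(uncovered_spokes({**SITES, "R4": "10.20.0.0/24"}))
```

Rerunning the check with the real site list whenever a site is added shows whether the one /16 rule still covers every spoke.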
@KPS
Based on the requirements above, I don’t think you are going to have very complex firewall rules. In general, you only need to define firewall rules in the Central device.