Configuring firewall policies for SD-WAN
SD-WAN zones can be used in policies as source and destination interfaces. Individual SD-WAN members cannot be used in policies.
You must configure a policy that allows traffic from your organization's internal network to the SD-WAN zone. Policies configured with the SD-WAN zone apply to all SD-WAN interface members in that zone.
To create a firewall policy for SD-WAN:
- Go to Policy & Objects > Firewall Policy.
- Click Create New. The New Policy page opens.
- Configure the following:
Enter a name for the policy.
Firewall / Network Options
Enable NAT and set IP Pool Configuration to Use Outgoing Interface Address.
Apply profiles as required.
Enable Log Allowed Traffic and select All Sessions. This allows you to verify results later.
- Enable the policy, then click OK.