Use SSL VPN interfaces in zones

SSL VPN interfaces can be used in zones, simplifying firewall policy configuration in some scenarios.


In this example, a zone is created that includes a physical interface (port4) and an SSL VPN interface. The zone is used as the source interface in a firewall policy. PC1 is used for regular access with a firewall policy, and PC2 uses the SSL VPN for access.

To create a zone that includes the port4 and ssl.root interfaces in the GUI:
  1. Go to Network > Interfaces and click Create New > Zone.

  2. Set the name of the zone, such as zone_sslvpn_and_port4.

  3. Add port4 and ssl.root to the Interface members.

  4. Click OK.

To configure SSL VPN settings in the GUI:
  1. Go to VPN > SSL-VPN Settings.

  2. Set Listen on Interface(s) to port2.

  3. Set Listen on Port to 1443.

  4. Configure the remaining settings as required.

  5. Click Apply.

To configure a firewall policy with the zone as the source interface in the GUI:
  1. Go to Policy & Objects > Firewall Policy and click Create New.

  2. Set the policy name, such as policy_to_sslvpn_tunnel.

  3. Set Incoming Interface to zone_sslvpn_and_port4.