Not possible to specify individual interface after adding interface to a zone?

Author
rhap4boy
New Member
  • Total Posts : 9
  • Scores: 0
  • Reward points: 0
  • Joined: 2016/10/10 23:55:08
  • Status: offline
2020/07/30 12:32:41 (permalink)
0

Not possible to specify individual interface after adding interface to a zone?

Is it correct that after you add an interface to a zone, you will not be able to add the interface individually as source or destination interface to a firewall policy?  You can only add the zone.  Is there a workaround?
#1

1 Reply Related Threads

    lobstercreed
    Gold Member
    • Total Posts : 251
    • Scores: 32
    • Reward points: 0
    • Joined: 2018/11/28 14:57:58
    • Location: Sedalia, MO
    • Status: offline
    Re: Not possible to specify individual interface after adding interface to a zone? 2020/07/30 13:42:51 (permalink)
    0
    That is the whole point of zones, so no, there's not a workaround. 
     
    You can still effectively control traffic between interfaces in a zone if you have the zone set not to allow intrazone traffic and then you create a policy with both the source and destination interfaces set as the zone.  Then you control traffic by specifying source/destination addresses correctly.
    #2
    Jump to:
    © 2020 APG vNext Commercial Version 5.5