Comments
-
VPN is site-to-site "Is your VPN tunnel site to site or tunnel interface? Is your SSLVPN client subnet included in the site to site / route through tunnel?" NOt following you on this one. Is this what you're referring to?
-
The rules were auto created. Can't get it to work.
-
I've done the first two steps but it hasn't worked. looking into your last step now.
-
This morning I did the firmware upgrade and changed the SSL VPN IP Pool to it's own virtual subnet so that should clear things up.
-
FYI SSL VPN bookmark works for users as a workaround. Over the weekend we're going to update the firmware to the newest build, and I've created a new SSL VPN IP Pool on it's own subnet to see if that helps.
-
Creating the new zone then manually adding the rules to only allow WAN access worked. Thanks!
-
Perfect. Thanks for the help! Do I need to worry about DHCP since the VLAN's are bound to X0?
-
Sorry I'm a bit confused. I don't want any VOIP traffic to be able to communicate with the LAN but I do need it to have internet access. Do I just need to crate an access rule that says... From VOIP ZONE to WAN, allow "all", source "any"?
-
Thanks for that! If I uncheck that box to "allow traffic between zones of the same trust level" and move my phones into that VOIP zone, will they still be able to connect to the gateway for connectivity since the VOIP VLAN is a sub interface of X0?