I have a TZ-300 and my ISP is asking me to allow their IP to ping my equipment (for availability monitoring).
I've found a checkbox at X1 interface to allow Ping. It worked. I noticed the device created an Access Rule and that I can change this rule so that "Source" can be a specified IP.
But my ISP asked clearence for two IP.
Therefore I've tried to create Address Objects and Access Rules to recreate the above mentioned rule, at the same priority, with no success. At LOG it shows "err1: policy not found for packet on Zones(WAN -> WAN)".
See below both rules: #2 is the created by the device, #3 is the one I've created. Rule #3 is not being hit if I remove "Ping" from interface X1.
What should I do to allow two IPs?