cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Matt_J
Nickel

Do Security Zones work across gateways and policies? 

I am looking at simplifying my policies with Security Zones for the first time and need some clarification. Since they are assigned to the interface, how are these stored/shared? Per gateway? Per Policy? Global?  

How do these work for VPN traffic? Since that technically comes in and out on the external interface, is it seen as an external zone or does it see that it's coming from an internal zone on the other gateway?

Thanks!

1 Reply
Admin
Admin

Re: Do Security Zones work across gateways and policies? 

Zones only have a scope relevant to the local gateway.

For example, the InternalZone on GatewayA may be very different from the InternalZone on GatewayB.

I would expect VPN traffic to appear to come from the zone associated to the interface which the VPN traffic came in on.

0 Kudos