Applying policy based on the client's IP address (Cloud services)


<< Back to Knowledge Search

Solution

Overview

With a Firewall/VPN connection into the Cloud need to define policy based on clients IP or subnet.

Cause
Resolution

Policy based on clients IP is only available through the use of the Firewall/VPN connection into the Cloud.

One way to define the policy in portal is to go under the Content Filtering --> Policy and then click on "Switch to Advanced Configuration" (if not already there)

When defining the policy under the "from where" section an IP address or subnet can be added and then selected.  This IP address will be the "real" IP address of the workstation or subnet.  When a VPN tunnel is created between the Firewall and the Cloud there is no NAT'ing of addresses inside the tunnel.  Once the Cloud decrypts IPsec payload it will remember the source IP address (clients "real" IP) and then take care of the NAT'ing.

Workaround
Additional Information
Bug Number
InQuira Doc IdKB4381
Attachment

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      Cloud IPsec VPN
Topic      Policy Management
Article Number      000007957
Summary     
Was this helpful?
Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat