Restricting Firewall Access rule matches based on the source VPN

You can match Firewall Access rules based on whether the traffic is coming from a particular policy-based VPN.

You can define that the rule matches only non-VPN traffic, or only traffic from a particular policy-based VPN.

Source VPN dialog box

Use this dialog box to define how the rule processes VPN traffic depending on the source.

Option	Definition
Match traffic based on source VPN	Matches the rule based on whether the traffic is received through a VPN tunnel.
Rule matching drop-down list	Rule matches traffic from the selected VPN(s) — The rule only matches traffic from the selected VPNs. Rule matches traffic from any VPN client — The rule matches traffic from any VPN client. Rule does not match traffic from any VPN — The rule only matches non-VPN traffic.
VPNs and Selected VPNs	Available and selected elements. Click Add to add an element to the list, or Remove to remove the selected element.