When creating multiple VPNs, firewall policies are needed to allow traffic in and out of each one, and the number of policies can become large.
Instead of maintaining a separate set of policies per VPN, the VPN interfaces can be grouped into a zone interface and the firewall policy applied to the zone.
- Ensure that the interface is not referenced in any Firewall policy
- To create a zone interface, go to Network > Interfaces > Create New > Zone
- Give it a name and select the VPN interfaces (ensure “Block intra-zone traffic” is ticked if you don’t want traffic between the interfaces in the zone)
- Create firewall policies allowing traffic, Policy & Objects > IPv4 Policy > Create New
- Select the incoming and outgoing interface
- Create the reciprocal policy for traffic in the opposite direction
- Check in Policy & Objects > IPv4 Policy
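
The first step above (making sure no firewall policy still references the VPN interfaces) can be checked offline against a configuration backup before the zone is created. The script below is an added example, not part of the original page: it assumes the backup uses the usual `config firewall policy` / `edit` / `set srcintf` / `set dstintf` layout, and the interface names and sample configuration are constructed for illustration.

```python
import shlex

# Constructed sample of a FortiOS config backup; all names are illustrative.
SAMPLE_CONFIG = """
config firewall policy
    edit 1
        set srcintf "internal"
        set dstintf "vpn-site-a"
    next
    edit 2
        set srcintf "vpn-site-b" "vpn-site-a"
        set dstintf "internal"
    next
    edit 3
        set srcintf "internal"
        set dstintf "wan1"
    next
end
"""

def policies_referencing(config_text, interfaces):
    """Map policy ID -> sorted interfaces from `interfaces` that the policy uses."""
    wanted, hits = set(interfaces), {}
    depth, policy_id = 0, None           # depth 1 = inside "config firewall policy"
    for raw in config_text.splitlines():
        line = raw.strip()
        if depth == 0:
            if line == "config firewall policy":
                depth = 1
            continue
        try:
            tokens = shlex.split(line)   # handles quoted names containing spaces
        except ValueError:               # unterminated quote (multi-line value)
            continue
        if not tokens:
            continue
        if tokens[0] == "config":
            depth += 1                   # nested sub-table inside a policy
        elif tokens[0] == "end":
            depth -= 1
        elif depth == 1 and tokens[0] == "edit":
            policy_id = int(tokens[1])
        elif (depth == 1 and len(tokens) > 2 and tokens[0] == "set"
              and tokens[1] in ("srcintf", "dstintf")):
            used = wanted.intersection(tokens[2:])
            if used:
                hits.setdefault(policy_id, set()).update(used)
    return {pid: sorted(names) for pid, names in hits.items()}

if __name__ == "__main__":
    vpn_ifaces = ["vpn-site-a", "vpn-site-b"]
    for pid, names in policies_referencing(SAMPLE_CONFIG, vpn_ifaces).items():
        print(f"policy {pid} still references: {', '.join(names)}")
```

Any policy ID it reports has to be edited or removed before the listed interface can be added to the zone.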