https://community.sophos.com/sophos-xg-firewall/f/discussions/148028/restrict-ssl-vpn-to-wan-aliasI&#39;m trying to configure an SSL VPN. Our WAN subnet has 5 IP addresses, with 4 aliases set up for the additional IPs: Port2 Port2:0 Port2:1 Port2:2 Port2:3 Currently, I have a web server running on Port2:0 . I want the SSL VPN to runen-USTelligent Community 12https://community.sophos.com/thread/548795?ContentTypeID=1Tue, 19 Nov 2024 04:57:50 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:ab420193-038b-43fc-8c11-5da9d0b18e93Hardik_R<p>Hi&nbsp;<a href="/members/brennan-kostyniuk">Brennan Kostyniuk</a>&nbsp;<br /><br /></p> <p>You can try creating a Local ACL&nbsp;Administration &gt; Device Access &gt;&nbsp;<span>Local service ACL exception rule &amp; drop SSL VPN traffic destined to those Alias.<br /><a href="https://docs.sophos.com/nsg/sophos-firewall/21.0/Help/en-us/webhelp/onlinehelp/index.html?contextId=add-local-service-ACL">Add local service ACL exception rule</a><br /><br /></span></p><div style="clear:both;"></div>