Feature Request - Add non-WAN-Ports to "Listening interface" in IPSec

Please give us the possibility to select LAN and DMZ ports as "Listening interface". There are some usage scenarios where this would be very useful.

  • I hope I can make it clear enough. For example, we have some MPLS connections to external sites that we run on our central firewall. The connection to these locations must of course be encrypted. A very good possibility would be IPSec, of course. Unfortunately we still have to implement this with several firewalls. These could be saved in the future.

    Another example is various wireless links that are not within our area of responsibility and are required in addition to the WAN ports. These must also be encrypted separately.

    Since this is already possible in the UTM, I cannot imagine that the implementation is impossible.

    With best regards,

    Steppenwolf

  • You are right, UTM can do it.

    Are IPSEC VPN listeners going to be opened up to listen from any interface in the future? At the moment, they're only available for use if they are tagged as the LAN zone.

    Emile