Very nice functionality :-((
For our WAN and DMZ we have several public IPs (in fact we have 3 DMZs and 3 WANs on two different providers). I created an IPSec tunnel to reach the LAN, DMZ and WAN on the central site from the remote site through the IPSec tunnel "from the inside/routed through the corporate network" in "Site-to-site" mode.
Configured the remote and local LANs on the central site.
Selected "Create firewall rule" in the IPsec Tunnel.
This created an active (!!) firewall rule with source zone Any, destination zone Any and all the company networks of DMZ, LAN, WAN in source and destination network.
This is against everything security people tell you: of course the rule itself, but also how it is created and the mindset that is implemented in the GUI.
(BTW I'd have expected that this would create a rule that is going in one direction.)
I'd like to report this as a bug that should be removed ASAP ...
Regards,
BeeF