We've come from a Cyberoam background - we are able to create rules that point at the LOCAL zone in order to block traffic.
We've currently got a third party that won't disable an IPSEC connection that we don't use anymore, and it's filling our logs with SPAM about being unable to respond as no match for this connection (We know!)
I've successfully created a WAN_LOCAL block rule on a cyberoam to prevent this, however on SFOS you MUST specify a pre-determined service in the Local ACL list, one of which is NOT IPSEC.
Please can you advise if there is another way to do this?
This thread was automatically locked due to age.
