Why can’t I see any access rules to or from the Zone VPN?
05/22/2020
When the VPN engine is turned ON, the firewall automatically adds access rules that allow the traffic to pass through. These auto-added rules let the administrator quickly provide access between the VPN network and the necessary resources without manually adding each access rule to and from the respective zones.
Please make sure that the display filters are set correctly when you view the access rules:
Most of the access rules are auto-added. If you choose Custom as the View type, you might be able to view the access rules.
Also, make sure that the IPv4 & IPv6 section does not have only IPv6 selected, because all the auto-added rules are configured for IPv4.
From SonicOS 6.5.4.x onwards, all the access rules are hidden if the VPN engine is turned OFF, as below. So, please make sure that it is enabled.
With the VPN engine disabled, the access rules are hidden even with the right display settings.
NOTE: Any access rules added to or from the VPN zone while the VPN engine is globally turned OFF will not be visible in the UI, but they do get added. You will be able to see them once you enable the VPN engine. Also, you will not be able to add address objects with zone VPN while the VPN engine is OFF.