SD-WAN,ACL,WAN IN
Two locations are connected SD-WAN. Communication between these sites works fine, as does traffic between different network groups — everything is functioning properly.
However, I’d like to restrict access so that only one specific IP address from site A can communicate with one specific IP address at site B. The communication should be allowed only over TCP and UDP on port 443.
Unfortunately, after configuring the ACL, I wasn’t able to achieve the desired result — it doesn’t seem to work as expected. Has anyone managed to set this up successfully or knows how to configure it correctly?
on the deny rule use ip group instead of ip port group on source and destination. on the other two use ip group on source and ip port group on destination
and the first rule is not needed so you can delete it
I have something similar that I use in my SD-WAN. As you can see, I have blocked everything with IP groups, then I have opened up from some remote sites with source IP group and destination IP Port Group
on the deny rule use ip group instead of ip port group on source and destination. on the other two use ip group on source and ip port group on destination
and the first rule is not needed so you can delete it
I have something similar that I use in my SD-WAN. As you can see, I have blocked everything with IP groups, then I have opened up from some remote sites with source IP group and destination IP Port Group