I found in documentation : "Assign destination zone based on Interface packet would egress from"
What is behind this "would" ? How is choose the destination zone , based on FW topology or routing table or ?
I have set a route (next hop Tunnel interface) to a subnet and a NAT rule.
I have a traffic from 2 differents source zone but same destination.
In log, destination zone is not the same for each traffic;
My rules are working but I can't explain why.
So how is based the choice for the destination zone ?
Thanks in advance
As for the logs, enable logging at session end on all polcies and then check the traffic logs to see what they say. As for egress zone, its where the traffic is going or where it will end up. Each interface must be assigned a zone, where the packets leaves the firewall interface, that would be the egress zone based on the interface.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!