Add a remote access policy

To add a remote access policy, do as follows:

  1. Go to VPN > SSL VPN (remote access) and click Add.
  2. Enter a name.
  3. Specify the identity settings.
    Policy members Preconfigured users and groups who should have access to the network resources.
  4. Specify tunnel access settings.
    Use as default gateway

    Use this remote access policy as the default gateway. When on, all traffic, including external internet requests, is forwarded to a default gateway. When off, internal and external traffic is handled by different gateways.

    Permitted network resources

    Resources to which this policy permits access. If you want SSL VPN clients to be able to communicate, add the clients' network address, for example the default SSL VPN pool (

    Restriction You must configure the default gateway on the WAN interface.
  5. Specify idle time-out settings.
    Disconnect idle clients Disconnects idle clients from the session after the specified time.
    Override global timeout Time, in seconds, after which the firewall disconnects idle clients.
  6. Click Apply.

Go to Administration > Device access and enable the LAN and WAN zones for the user portal.