I have configured a remote Edge to only allow HTTPS access to its public address from a range of IP addresses related to my central gateway. I would however also like to be able to access it from the address range at our disaster recovery site, but cannot work out how to do this (except configuring the remote Edge with HTTPS access from ANY).
I tried to define a local rule on the remote Edge to allow HTTPS access (using port 981) from the natted address of our disaster recovery site, but this does not work (access .
If you set the Security Level to "Block All", you still have to create an "Allow" rule for 443 to "This Gateway" to get remote management working after you have turned it on under Management, otherwise the rulebase will drop the rule.
As such, you can change your security to "Block All", turn Management to "Any" and then create rules for the ranges of IPs that you want to be able to manage the firewall - I have that config on several sites.
The other alternative that should work, but I haven't tested, is to leave the Security Level as it is, put one rule in your rulebase to drop any traffic to the gateway on 443, and then put your rules to allow certain IPs to the gateway on 443 above the drop rule.