VPN > Settings
910
SonicOS 5.8.1 Administrator Guide
Creating a Static Route for Drop Tunnel Interface
To add a static route for drop tunnel interface, navigate to Network>Routing>Routing
Policies. Click the Add button. Similar to configuring a static route for a tunnel interface,
configure the values for Source, Destination, and Service Objects. Under Interface, select
“Drop_tunnelIf.”
Once added, the route is enabled and displayed in the Route Polices.
VPN Auto-Added Access Rule Control
When adding VPN Policies, SonicOS Enhanced auto-creates non-editable Access Rules to
allow the traffic to traverse the appropriate zones. Consider the following VPN Policy, where
the Local Network is set to Firewalled Subnets (in this case comprising the LAN and DMZ) and
the Destination Network is set to Subnet 192.168.169.0.
While this is generally a tremendous convenience, there are some instances where is might be
preferable to suppress the auto-creation of Access Rules in support of a VPN Policy. One such
instance would be the case of a large hub-and-spoke VPN deployment where all the spoke site