Tunnel Rule Conditions

Rule conditions enable you to fine-tune your tunnel policy to target the networks you want to control. For tunnel rules, you can use the following conditions:

• Interface Objects—The security zones or interface groups that define the device interfaces through which the connections pass. See Interface Rule Conditions.

• Tunnel Endpoints—The network objects that define the source and destination IP addresses of the tunnel.

• VLAN Tags—The outermost VLAN tag in the tunnel. See VLAN Tags Rule Conditions.

• Encapsulation and Ports—The encapsulation protocol of the tunnel. See Encapsulation Rule Conditions.

• Time Range—The days and times when the rule is active. If you do not specify a time range, the rule is always active. See Time and Day Rule Conditions.