Configuring the default action

Use the default action to determine how plain-text encapsulated tunnels that do not match any tunnel rules should be handled.

The default action does not apply to non-tunnel traffic. Any other connections that do not match prefilter rules are passed on for processing by subsequent policies.

Procedure

Step 1

Choose Policies > Security policies > Prefilter and create or edit a prefilter policy.

Step 2

Choose a Default Action: Tunneled Traffic option:

  1. Analyze all tunnel traffic—These tunnels are allowed and their encapsulated connections are evaluated by the access control and other policies

    Block all tunnel traffic—Tunnels are dropped and no longer evaluated.

Step 3

If you select Block all tunnel traffic, click Logging (logging icon) next to the default action.

You can configure default action logging for blocked tunnels only.