This content has been marked as final. Show 1 reply
I can think of a couple options off the top of my head:
- You can add all of your DC's into a single Trusted Networks policy, and then create one Firewall Rules policy that includes a rule that allows all IP from Trusted...
- But this is dependent on if you want machines in location X to allow connections from the DCs in all the other locations.
- Create one Firewall Rules policy, and make a Connection-Aware Group for each location, then create a rule in each CAG that allows incoming connections from the proper DC.
- Not sure how many locations you have though... this may be somewhat difficult to manage.
Option A would be the easiest to manage I think, but option B would make it a bit more locked-down.