How to restricting access to VPN and “Access Portal” using Geo Location?
We want to use WatchGuard's Geo Location to restrict access to our "Access Portal" and "Mobile VPN" connections, but see no options and the corresponding "Firewall Policies" don't seem to honour the Geo Location configuration.
I'm struggling to find resources on the scenario either via Google or WG documentation. Surely, this should be possible? Does anyone have any success with doing something similar?
What we've tried
For the "Access Portal" it generates a Firewall policy called "WatchGuard SSLVPN" (not very meaningful in the context of the Access Portal it is for), but changing the Geo Location for that has no effect and clients can connect to the Access Portal regardless of their IP location
For the "Mobile VPN" it generates an "Allow IKEv2-Users" firewall policy but changing the Geo Location for that policy has no effect and clients can establish VPN connections regardless of IP location. In my mind this rule is for when the VPN tunnel has already been established and 'feels' like it is too late in the pipeline and would need to be blocked sooner/upstream
Would really appreciate any insights you might have.