It's important to understand how the logic works for location criteria. Then, you can make sure that your location-aware firewall rule groups match traffic as expected.
The logic works as follows for location criteria:
- Each unique location criteria (for example, Default Gateway, DNS Server, and Domain reachability (HTTPS)) uses an And operator.
- The values for a location criteria use an Or operator.
For example, the location criteria in the following screenshot would match traffic where the following are true:
- The Default Gateway has the IP address 10.160.0.1 or 8.8.8.8.
- The DNS Server has the IP address 8.8.8.8 or 10.160.0.1.
- The domain mcafee.com or use.cloudshare.com is reachable using HTTPS.
