Making a Desktop Rule for MEP

To use MEP, traffic to multiple sites in the encryption domain must be allowed. But the Desktop Policy sets the primary site as the default Destination for outbound traffic. You must make sure that your policy allows traffic to the gateways in the encryption domain.

To add the MEP Rule:

1. In SmartConsole, open the Desktop tab.

2. In Outbound rules, add a new rule:

   • Destination - a Group network object that contains all gateways in the encryption domain.

   • Service - the Visitor Mode service (default is 443), the NAT-T port (default is 4500 UDP), and HTTP.

   • Action - Allow.

3. Install the Policy.