Can 1 gateway be a part of multiple security zones?

Can you please help me to understand if in complex gateway network 1 gateway can be a member of multiple security zones or just 1 zone ( the first zone that was fulfilled when checking from the top hierarchy of the zones)?
If the zone has no identifiers i assume that this is not a valid configuration - is it right?

Hi hewking32,

I am not sure what you mean by "the first zone that was fulfilled when checking from the top hierarchy of the zones", can you expand on that? A zone that has no identifiers is basically useless, so you're right it is not a valid configuration.

1 Like

after configuring zones i believe you can shuffle the order moving it up or down. If no other zones are fulfilled it always must land on default zone.

in my understanding - hopefully not oversimplified -zones are just a network traffic segregation method so each gateway process whatever traffic was left by filtering done by zones. its a way o managing traffic on gateway network and creating segments.

Open to hear any comments

You are correct, there is a hierarchy the zones follow, and if no zones are fulfilled then it lands on the default zone. Paragraph 2 in the attached user manual section talks about that and the IU video does as well.
https://docs.inductiveautomation.com/display/DOC81/Security+Zones#SecurityZones-UsingSecurityZones

Going back to your original question, a gateway can be set to multiple zones, but the hierarchy will take precedence and use the more important zone.

1 Like