SSL VPN vulnerability of June 24th, 2021
All Replies
-
ChipConnJohn said:For my part, I haven’t been able to make sense of the vulnerability given what Zyxel is telling us. I have locked down WAN->Device allowing only IPs I specify to access. It hasn’t been too bad. I sent an email last week apologizing and directing users to a site that gives their wan ip and they email or text it to me and I add it to the device.
For the current models that support FQDN - I'm having my users create DDNS (lots of free ones out there), and they can manually update that FQDN if their ISP changes. Then on our end trust the FQDN. Optionally, if you pay for those DDNS services, add all of those FQDN as trust and you can update those when users change IPs, this way, won't have to keep adding more rules to the security policy.0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 147 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight