LAN to WAN Attack in Secureport
Secureport shows an "Attack" with the Source address being one of my internal workstations (192.168.nnn.nnn), and the destination a WAN address: 138.201.57.222.
I am not able to identify the purpose of the connection to 138.201.57.222
Nor can I identify why Zyxel considers the connection an "Attack".
How do I find out why is this considered an "Attack"?
What is 138.201.57.222?
0
All Replies
-
Hi @GeoGuyOwoWelcome to Zyxel community.You can refer to the below forum discussion link:The cause is that the session was initiated by the host (192.168.nnn.nnn) on your LAN side andaccessed the data from the destination WAN IP(138.201.57.222),then Zyxel UTM engine identified this behavior might be a malicious attack so blocked it.You can check it belongs to which attack type on the category item such as ADP, IDP, etc.
You may provide the screenshot to us. Thanks.0
Categories
- All Categories
- 347 Beta Program
- 2.1K Nebula
- 115 Nebula Ideas
- 77 Nebula Status and Incidents
- 5K Security
- 44 USG FLEX H Series
- 246 Security Ideas
- 1.2K Switch
- 64 Switch Ideas
- 900 WirelessLAN
- 33 WLAN Ideas
- 5.8K Consumer Product
- 204 Service & License
- 326 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.8K FAQ
- 832 Nebula FAQ
- 402 Security FAQ
- 219 Switch FAQ
- 190 WirelessLAN FAQ
- 45 Consumer Product FAQ
- 136 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 71 About Community
- 61 Security Highlight