Match default rule, DROP

Options
Hello All,

I have a VPN100 that has been set up correctly with a service for the port I need to use to forward our accounting traffic to the server.  I have also created the Policy Control to allow it to go to the correct IP address and have created a NAT rule to allow it in.  But for some reason the default rule is constantly blocking it with 
Security Policy Control
Match default rule, DROP [count=3].  I don't know what I am doing wrong or missing.  I have now been on hold with Zyxel Support for almost an hour with anyone picking up - very frustrating.  Any suggestions would really help.

Accepted Solution

  • RBattaglia
    RBattaglia Posts: 4
    First Anniversary First Comment
    Answer ✓
    Options
    I was finally able to get through to a tech and found out that the settings for NAT rules are a bit different on the new VPN units versus the old USG ones.  I had the WAN in the wrong location in the rule.  All is working fine now.

All Replies

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,450  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    edited February 2022
    Options
    Hi @RBattaglia,
    You may check corresponding security policy to see if it matches the criteria From and To.
    Most fail case on mis
    match security policy criteria zone setting From and To.

  • RBattaglia
    RBattaglia Posts: 4
    First Anniversary First Comment
    Answer ✓
    Options
    I was finally able to get through to a tech and found out that the settings for NAT rules are a bit different on the new VPN units versus the old USG ones.  I had the WAN in the wrong location in the rule.  All is working fine now.

Security Highlight