Port 8080 in Default_Allow_WAN_To_ZyWALL
Hi,
in the ATP 500 Zyxel configuration, among the service groups, in the group "Default_Allow_WAN_To_ZyWALL", I can see that it includes the service Wiz_2FA, port 8080.
What is the usage of this service in the WAN to ZyWALL communication?
I am asking this because in the log of the firewall I can notice many Forward accesses from different countries to ZyWALL, and I wonder if this is something unsafe that could be blocked.
![Image: https://us.v-cdn.net/6029482/uploads/editor/10/sne28fjvy7x8.png](https://us.v-cdn.net/6029482/uploads/editor/10/sne28fjvy7x8.png)
Thanks in advance for your answers
Regards
Filippo
0
All Replies
-
Hi @xkp68
The service port 8008 is for the two-factor-authentication portal page in the default setting.
If your VPN tunnel doesn't require 2FA, you can remove the object from the policy control rule.
Or add a rule to allow the trusted incoming IP addresses by GeoIP object.
Share yours now!
Stanley
0 -
Thanks for your kind reply.
So, as we are using 2FA,
(1) is it OK if I just modify the existing rule "WAN_to_Device" so that the field "IPV4 Source" changes from "any" to your "Geo-Germany" GeoIP object (of course properly configured with my country)? Or
(2) should I remove the 8080 from the "Default_Allow_WAN_To_ZyWALL" and then create a new rule only for 8080 from WAN to ZyWALL with the field "IPV4 Source" set to your "Geo-Germany" GeoIP object?
Considering that no one manages the Device from outside the country or uses the VPN, and that I have noticed, in the log, many connections even to other ports of the Default_Allow_WAN_To_ZyWALL group, I wish I could use the first approach, but I am not sure if there are other side effects if I follow approach (1) instead of (2). Any advice?
By the way, if I want to apply the rule to a group of countries, is creating a GeoIP object for each country and then creating an address group for all the GeoIP objects to which I will apply the rule the only way?
Regards
0 -
Hi @xkp68
If all of your clients come from the same country, you can keep the current configuration and change the object from "any" to "Geo-Germany".
If clients come from many countries, you can separate it as a new rule.
Share yours now!
Stanley
0 -
Hi again,
when you use the word "client" do you mean only VPN clients or any people accessing services behind the firewall?
Thanks again
0 -
Hi @xkp68
The "client" I mentioned means Internet people accessing your Device.
Since your rule is:
From: WAN, To: ZyWALL, Action: Allow.
If there is another rule with higher priority with the same condition, then traffic will match it first.
Share yours now!
Stanley
0
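The two options asked about in this thread, and the rule-priority point from the last reply, modelled as first-match evaluation. This is an added example, not part of any post and not Zyxel code; the GeoIP table, port 443 as a stand-in for the group's other services, the rule names WAN_2FA_Geo and Older_Allow_Any, and the final default deny are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed GeoIP table (documentation-range addresses, not real lookups).
GEO = {"192.0.2.10": "DE", "203.0.113.9": "ZZ"}
PORT_2FA = 8080      # Wiz_2FA, as listed in the question
PORT_OTHER = 443     # constructed stand-in for the group's other services

@dataclass(frozen=True)
class Rule:
    name: str
    src: Optional[frozenset]  # country codes; None means "any"
    ports: frozenset
    action: str

def evaluate(rules, src_ip, dport):
    """Return (rule name, action) of the first matching rule, top down."""
    country = GEO.get(src_ip)
    for r in rules:
        if dport in r.ports and (r.src is None or country in r.src):
            return r.name, r.action
    return "default", "deny"  # assumption: anything unmatched is dropped

def allowed(rules):
    """Set of (source country, port) pairs the policy lets through."""
    return {(GEO[ip], p) for ip in GEO for p in (PORT_2FA, PORT_OTHER)
            if evaluate(rules, ip, p)[1] == "allow"}

GEO_DE = frozenset({"DE"})          # models the "Geo-Germany" object
GROUP = frozenset({PORT_2FA, PORT_OTHER})

current = [Rule("WAN_to_Device", None, GROUP, "allow")]
# (1) same rule, source changed from "any" to the GeoIP object
option1 = [Rule("WAN_to_Device", GEO_DE, GROUP, "allow")]
# (2) 8080 taken out of the group and given its own geo-restricted rule
option2 = [Rule("WAN_2FA_Geo", GEO_DE, frozenset({PORT_2FA}), "allow"),
           Rule("WAN_to_Device", None, frozenset({PORT_OTHER}), "allow")]
# A broader allow placed above option (1) matches first and undoes it.
shadowed = [Rule("Older_Allow_Any", None, frozenset({PORT_2FA}), "allow")] + option1

if __name__ == "__main__":
    for label, policy in [("current", current), ("option 1", option1),
                          ("option 2", option2), ("shadowed", shadowed)]:
        print(f"{label:9}", sorted(allowed(policy)))
```

In this model option (1) closes every port in the group to sources outside the GeoIP object, option (2) closes only 8080, and either restriction is lost if a broader allow sits above it in the rule list.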