[ATP/FLEX] How to Access Device’s Local Web GUI from Wan?

Zyxel_Cooldia
Zyxel_Cooldia Posts: 1,002
Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 50 Answers 500 Comments
 Guru Member
edited August 2 in Other Topics

By default, it is unable to access device local Web GUI from wan interface when the device is managed by nebula. There is no Implicit firewall rule to allow device access from wan. In some case, we need to login device remotely to troubleshoot, e.g. collect diag-info, or packets capture. This example illustrates how to configure firewall rule to allow Web GUI access from wan.

Configurations

Go to Firewall > Configure > Security policy.


As we can see, there is no implicit rule to allow Web GUI access from Wan to Device https 443 access.

Click Add to create a security policy rule to allow device Web GUI access from wan.


Action = Allow

Protocol = TCP

Source = Any

Destination = Device

Dst Port =443

*For security concern, we strongly suggest you add trusted IP to Source IP, instead of any.

Click Save to commit setting to Nebula.


Verification

Connect to the device’s local Web GUI via web browser by entering the IP address in the browser, and enter “Network Test Tools”.

Enter password and log in.

(Password is at Site-wide > Configure > General settings > Device configuration

 

After logging in to the device’s local Web GUI, we can proceed to troubleshoot/collect information remotely.