[ATP/FLEX] How to Access Device’s Local Web GUI from Wan?

Zyxel_Cooldia Posts: 1,444  Zyxel Employee
First Anniversary 10 Comments Friend Collector First Answer
edited June 2023 in Other Topics

By default, it is unable to access device local Web GUI from wan interface when the device is managed by nebula. There is no Implicit firewall rule to allow device access from wan. In some case, we need to login device remotely to troubleshoot, e.g. collect diag-info, or packets capture. This example illustrates how to configure firewall rule to allow Web GUI access from wan.


Go to Configure > Firewall > Security policy.

As we can see, there is no implicit rule to allow Web GUI access from Wan to Device https 443 access.

Click Add to create a security policy rule to allow device Web GUI access from wan.

Action = Allow

Protocol = TCP

Source = Any

Destination = Device

Dst Port =443

*For security concern, we strongly suggest you add trusted IP to Source IP, instead of any.

Click Save to commit setting to Nebula.


Connect to the device’s local Web GUI via web browser by entering the IP address in the browser, and enter “Network Test Tools”.

Enter password and log in.

(Password is at Configure > Site settings > Local credentials


After logging in to the device’s local Web GUI, we can proceed to troubleshoot/collect information remotely.