Certificate issue on a Windows Domain controller with Zyxel Firewall as gateway

xkp68 · July 2022

I'm setting up a Windows Active Directory Server behind a zyxel Firewall.
The AD server has the ATP 500 Zyxel firewall as the gateway.
Every time i try to login in a computer of the domain, using a domain account,
i receive the following Security alert:

Image: https://us.v-cdn.net/6029482/uploads/editor/d8/k17dd1y09xc3.jpg

When i press "View Certificate" it says the problem is something connected to Zyxel

Image: https://us.v-cdn.net/6029482/uploads/editor/t2/nf982v4he0jk.jpg

Image: https://us.v-cdn.net/6029482/uploads/editor/k1/o7vm1mkn14lg.jpg

As a matter of fact, if i remove the ip address of the Zyxel firewall as the gateway of the AD server, the security alert disappears.
The firewall is an ATP500 running V5.30(ABFU.0)ITS-22WK20-r104104 firmware.
Any advice?
Thanks in advance for your help.
Regards
Filippo

Zyxel_James · July 2022

Hello @xkp68,

It could be DNS query on the AD server is blocked by the DNS content filter profile.

Once the HTTPS or DNS connection matched the category, the CF service will redirect a specific web page to you and the certificate will be replaced, resulting in the certificate does not match to the original URL.

You may check the logs to see if the content filter block log exists.

Thank you.

James

Certificate issue on a Windows Domain controller with Zyxel Firewall as gateway

All Replies

Categories

Security Highlight

Security Help Center