Zywall USG 100 Log Access block

Eric_Levasseur

Hello, since i replaced two servers, the firewall don't let them access internet and blocks them.
I have this kind of log : 
Match default rule.DROP |  192.168.1.4:59038 | 194.2.0.50:53 |  ACCESS BLOCK

i tried to add this rule which is in first position but it doesnt work : 
LAN1 |  any (Excluding Zywall) | none | any | srv-dc(192.168.1.4) | any | any | allow | no

does anyone have an explanation to this problem ?
Thanks in advance.

Eric_Levasseur

i tried another rule : 
LAN1 |  any (Excluding Zywall) | none | any | LAN1_SUBNET(192.168.1.0/24) | any | any | allow | no
but after rebooting firewall, i get access to internet on only one server (192.168.1.4), the second one (192.168.1.3) can't go on internet.
Many logs with these values :
Match default rule.DROP |  192.168.1.3:64215 | 194.2.0.50:53 |  ACCESS BLOCK
Match default rule.DROP |  192.168.1.3:52925| 91.228.167.46:80 |  ACCESS BLOCK

this is very weird, as if the second server was not in the LAN1_SUBNET (192.168.1.0/24)

Eric_Levasseur

After rebooting the servers, they get access to internet but it didnt last long time.
the 192.168.1.4 don't get connected since last night with this type of logs
Match default rule.DROP |  192.168.1.4:64215 | 194.2.0.50:53 |  ACCESS BLOCK

Always with dns (53) blocked

Zyxel_Cooldia

Hi @Eric_levasseur,
Can you send me your configuration file via private message.