Zywall USG 100 Log Access block

Options
Eric_Levasseur
Eric_Levasseur Posts: 3  Freshman Member
First Comment
edited April 2021 in Security
Hello, since i replaced two servers, the firewall don't let them access internet and blocks them.
I have this kind of log : 
Match default rule.DROP |  192.168.1.4:59038 | 194.2.0.50:53 |  ACCESS BLOCK

i tried to add this rule which is in first position but it doesnt work : 
LAN1 |  any (Excluding Zywall) | none | any | srv-dc(192.168.1.4) | any | any | allow | no

does anyone have an explanation to this problem ?
Thanks in advance.

Comments

  • Eric_Levasseur
    Eric_Levasseur Posts: 3  Freshman Member
    First Comment
    Options
    i tried another rule : 
    LAN1 |  any (Excluding Zywall) | none | any | LAN1_SUBNET(192.168.1.0/24) | any | any | allow | no
    but after rebooting firewall, i get access to internet on only one server (192.168.1.4), the second one (192.168.1.3) can't go on internet.
    Many logs with these values :
    Match default rule.DROP |  192.168.1.3:64215 | 194.2.0.50:53 |  ACCESS BLOCK
    Match default rule.DROP |  192.168.1.3:52925| 91.228.167.46:80 |  ACCESS BLOCK

    this is very weird, as if the second server was not in the LAN1_SUBNET (192.168.1.0/24)
  • Eric_Levasseur
    Eric_Levasseur Posts: 3  Freshman Member
    First Comment
    Options
    After rebooting the servers, they get access to internet but it didnt last long time.
    the 192.168.1.4 don't get connected since last night with this type of logs
    Match default rule.DROP |  192.168.1.4:64215 | 194.2.0.50:53 |  ACCESS BLOCK

    Always with dns (53) blocked

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,450  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Hi @Eric_levasseur,
    Can you send me your configuration file via private message.

Security Highlight