Ghost traffic

nacho

Hello,
I cannot access a service/port when the firewall (security policy) is enabled, but the traffic goes through when it is disabled.
However, I cannot see the traffic entry in the logs so I can whitelist it and reenable my firewall.

Kindly advise

Model: USG1100

Zyxel_Kevin

Hi @nacho,

The asymmetric route led to the issue.

Create a policy based route on the L3 device where under the firewall to ensure the return traffic through the firewall.

The issue was resolved. Thanks your time.

Kevin

Zyxel_Kevin

Hi @nacho, 
Please check you don't have the rule such like Src:LAN DST:WAN ACT:Block
And kindly provide your configuration via Private Message. 
I'll check and give the advice. 
Thank you

nacho

Okay i will send the configuration.
Actually it is WAN to DMZ 

Zyxel_Kevin

Hi @nacho, 
I saw each WAN to DMZ rules have restricted destination IP.
If only specific address cannot pass , please check you have the rule for the destination addresses.

If the issue still we can have the remote session and please send your available time. 
Thank you
Kevin

nacho

Hi @Zyxel_Kevin
We can do on Friday(04/11/2022) - 9am gmt+1

Zyxel_Kevin

Hi @nacho, 
Please provide remote information at that time. 
Thank you

Zyxel_Kevin

Hi @nacho,

The asymmetric route led to the issue.

Create a policy based route on the L3 device where under the firewall to ensure the return traffic through the firewall.

The issue was resolved. Thanks your time.

Kevin