Flex 200 and web server problems
Freshman Member
I have a new Flex 200 and one web server behind it. I built my NAT (virtual server) and my security policy and it's still getting dropped when the traffic comes in.
At first, I thought it was because the device was on 443 for management so I reconfigured the device to use 8443 and that's working fine, but still, I can't get my web server (or my RRA) accessible from the outside.
Here's what I did:
I created an object for my external IP as a host.
I created an object for my internal IP as a host.
I created the NAT policies and the sec policy and applied them.
In the log, I'm seeing the traffic dropped with the message below:
Match default rule, DNAT Packet, DROP
i'm struggling on this one. Thanks
Accepted Solution
-
Hi @CRP0499 ,
Greeting Form, From your statements it sould like you are missing a security policy.
Please kindly check if you have the rule like this and the higher priority:
(Please check the address is the real web IP, it may private IP)
If the issue still persist, please provide the config file by private message.
Thank you
0
Zyxel Employee
All Replies
-
Hi @CRP0499 ,
Greeting Form, From your statements it sould like you are missing a security policy.
Please kindly check if you have the rule like this and the higher priority:
(Please check the address is the real web IP, it may private IP)
If the issue still persist, please provide the config file by private message.
Thank you
0 -
That was it! Missing a WAN to LAN policy.
1
Categories
- All Categories
- 442 Beta Program
- 2.9K Nebula
- 213 Nebula Ideas
- 127 Nebula Status and Incidents
- 6.4K Security
- 551 USG FLEX H Series
- 341 Security Ideas
- 1.7K Switch
- 84 Switch Ideas
- 1.4K Wireless
- 52 Wireless Ideas
- 6.9K Consumer Product
- 295 Service & License
- 471 News and Release
- 90 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.7K FAQ
- 34 Documents
- 87 About Community
- 102 Security Highlight
