How to allow anydesk through usg40 firewall

Tushar
Tushar Posts: 1
edited April 2021 in Security
I am getting tcp attack error the moment we try to access anydesk
How do we allow anydesk remote access through our firewall

All Replies

  • Alfonso
    Alfonso Posts: 257
    5 Answers First Comment Friend Collector Second Anniversary
     Master Member
    HI @Tushar

    I suppose the log is: "abnormal TCP flag attack detected, Drop"

    This issue occurs when the device receives packets with:

    (1) ALL TCP flags bit are set at same time.

    (2) SYN, FIN bits are set at same time.

    (3) SYN, RST bits are set at same time.

    (4) FIN, RST bits are set at same time. 

    (5) Only FIN bit is set.

    (6) Only PSH bit is set.

    (7) Only URG bit is set.

     

    Therefore, the device detects and regards these packets as attacks.

    If you are sure these packets are safe, you can log into the device and enter the following CLI commands to disable this detection:

    Router(config)# secure-policy abnormal_tcp_flag_detect deactivate

    Regards
  • Zyxel_Emily
    Zyxel_Emily Posts: 1,064
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
     Zyxel Employee
    edited November 2018

    Hi @Tushar,

     

    With default configuration, Anydesk is not blocked by USG.

    PC2 can access PC1 by Anydesk successfully without extra firewall or NAT settings.

    PC2------Internet------(WAN)USG40(LAN)------PC1(Anydesk)

     

    If there are lots of "abnormal TCP flag attack detected, DROP" logs, you can follow the instruction from Alfonso to enter the CLI command to disable/enable abnormal tcp flags detect.

    Disable detect: secure-policy abnormal_tcp_flag_detect deactivate

    Enable detect: secure-policy abnormal_tcp_flag_detect activate

     

    For example:

    Router(config)# secure-policy abnormal_tcp_flag_detect deactivate

    Router(config)# write

    Router(config)# show secure-policy status

    secure-policy status: yes

    secure-policy asymmetrical route status: no

    secure-policy default rule: deny, log

    secure-policy tcp flag detect: no          

Security Highlight