ZyWALL 2plus - not able to get connected to HTTPS interface

ChrisGer
ChrisGer Posts: 205  Ally Member
Zyxel Certified Network Administrator - WLAN Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
edited April 2021 in Security
Hello ZYXEL Communitiy,
Please don't ask the question from which museum I have a Zywall 2plus  ;)
but I have one at a customer site and he wouldn't change this, because it's enough for his needs ;)

Challange
I've forgotten to disable the SSLv3 (Remote Admin trough HTTPS) and now, i've no device that is supporting SSLv3 and gave me a short connection to disable remote management by SSLv3 and set only HTTP for management (i know it's unsecure, but the device is in a network, where a pre-authentication is required to access the interface) :)
 
Does anyone have an idea how to connect to a Zywall 2plus without consolecable  and disable HTTPS for remote management?

Thanks and best regards
Christian

Accepted Solution

All Replies

  • [Deleted User]
    [Deleted User] Posts: 118  Ally Member
    5 Answers First Comment Friend Collector Fifth Anniversary
    Dear @ChristianG

    Is SSH/telnet not an option ? 

    if so then the command 
    ras> sys server acces https wan1 off  
    This disables then the HTTPS server on wan1 , here u also can choose lan, dmz etc.
  • ChrisGer
    ChrisGer Posts: 205  Ally Member
    Zyxel Certified Network Administrator - WLAN Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    hello @Mark
    Thanks for the quick answer. Do you have any experience whether the access via e.g. putty (or whatever) after switching off the sslv2 protocol? The zywall shouldn't care, should it?

    i will test SSH/telenet option at the next onsite visit. And if it is interesting for you, also gladly report about the result ;)

    Regards
    Christian
  • ChrisGer
    ChrisGer Posts: 205  Ally Member
    Zyxel Certified Network Administrator - WLAN Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    Hello @Mark
    with SSH (v1) we are able to get connected to the zywall 2plus.
    i've disalbed https as described in your post.
    But by useing the http link, the system doesn't get connected to the zywall 2plus :s

    is there a short way to enable a rule to access the management interface from LAN to ZYWALL?

    Thanks forward =)
    Christian
  • [Deleted User]
    [Deleted User] Posts: 118  Ally Member
    5 Answers First Comment Friend Collector Fifth Anniversary
     @ChristianG 

    just briefly disable the firewall function with
    ras> sys firewall active no

  • ChrisGer
    ChrisGer Posts: 205  Ally Member
    Zyxel Certified Network Administrator - WLAN Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    edited January 2019
    @Mark
    i'm glad for your quick response. the command is working (no error message, but the webinterface is not reachable by FF or Edge browser from a Win10 desktop OS.

    Any other idea's to get successful connected to the ZYWALL 2plus ?

    After set firewall off and chhange the settings for HTTP and HTTPS, the following config is running, but no access trough brwoser possible :anguished:



    Any idea, or is a old system required (e.g. old WinXP) to get connected trough HTTP ?

    Thx forward and best regards
    Christian
  • [Deleted User]
    [Deleted User] Posts: 118  Ally Member
    5 Answers First Comment Friend Collector Fifth Anniversary
    @ChristianG
    Can you PM your telephone number .. 
    Will call you then tomorrow to discuss some things or possible do a remote session  
  • [Deleted User]
    [Deleted User] Posts: 118  Ally Member
    5 Answers First Comment Friend Collector Fifth Anniversary
    Solved today together:-) @ChristianG

Security Highlight