Reaching max vlan's in rule

JoostGroot
JoostGroot Posts: 10
First Anniversary First Comment

In Nebula the Implicit allow rules are forcing me to add so many vlan's in to a deny and allow rule that I reach the 10 item limint for the Source or the Destination.

Realy ZyXEL? Why is there a 10 item limit, and why not allow us to make objects and object groups so we can add one group as 1 item?? As is done in the managed USG/ATP/FLEX for ages?!?!

I need to first block all trafic from any to any cause of the Implicit allow rule that allows all vlans to 'Any' and since 'Any' also includes the vlan's trafic is by default alowed between the vlans. We don't want that, so block any to any. And then allow all seperate vlan's to Device (max 10 items) and allow all seperate vlan's to Internet, but since there is no "object" for Internet we use Any and then we need to add specific rules for each vlan to deny access to all other vlan's.
This all because of some stupid implicit rules that we cant disable.

Please ZyXEL, Nebula is such a great tool, let us realy use it and not have to crap aroud with tons of rules just to deny all those rules a junior Firewall engineer wouldnt even create.

All Replies

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,059  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @JoostGroot

    Thank you for reporting your problem to us. Could you please enable Zyxel support to allow us to check your current settings? We will send you a private message later. Please check your inbox. Thanks

Nebula Tips & Tricks