Reaching max vlan's in rule
In Nebula the Implicit allow rules are forcing me to add so many vlan's in to a deny and allow rule that I reach the 10 item limint for the Source or the Destination.
Realy ZyXEL? Why is there a 10 item limit, and why not allow us to make objects and object groups so we can add one group as 1 item?? As is done in the managed USG/ATP/FLEX for ages?!?!
I need to first block all trafic from any to any cause of the Implicit allow rule that allows all vlans to 'Any' and since 'Any' also includes the vlan's trafic is by default alowed between the vlans. We don't want that, so block any to any. And then allow all seperate vlan's to Device (max 10 items) and allow all seperate vlan's to Internet, but since there is no "object" for Internet we use Any and then we need to add specific rules for each vlan to deny access to all other vlan's.
This all because of some stupid implicit rules that we cant disable.
Please ZyXEL, Nebula is such a great tool, let us realy use it and not have to crap aroud with tons of rules just to deny all those rules a junior Firewall engineer wouldnt even create.
All Replies
-
Hi @JoostGroot
Thank you for reporting your problem to us. Could you please enable Zyxel support to allow us to check your current settings? We will send you a private message later. Please check your inbox. Thanks
See how you've made an impact in Zyxel Community this year!
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 146 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight