Log shows incorrect interface for site to site traffic wrong policy allows the traffic
USG FLEX 200H V1.10(ABWV.1)
In my setup I have USG60W
VLAN4093 192.168.252.0/23
with tunnel FLEX200H Ge3 192.168.254.10/29 as WAN to LAN2 192.168.254.9/29 on USG60W
VLAN47 on FLEX200H 192.168.255.32/28
site to site in zone IPSec_VPN
when I ping 192.168.255.40 from 192.168.253.1 log show 192.168.253.1 coming from Ge3 when really it from IPSec_VPN
I can either use to allow the traffic site to site but should only be from IPSec_VPN
All Replies
-
still a problem in USG FLEX 200H
V1.20(ABWV.0)
2024-04-18 14:10:29
0 -
Just been looking at the added zones for VPN in V1.21(ABWV.0) just checked my site to site test ping was blocked logs show it blocked and the source interface is ge3 should really match the VPN zone IPSec_VPN and my allow policy control was from WAN3 now only works with from IPSec_VPN which is correct.
0
Categories
- All Categories
- 413 Beta Program
- 2.3K Nebula
- 192 Nebula Ideas
- 87 Nebula Status and Incidents
- 5.3K Security
- 142 USG FLEX H Series
- 253 Security Ideas
- 1.3K Switch
- 75 Switch Ideas
- 993 Wireless
- 51 Wireless Ideas
- 6.1K Consumer Product
- 231 Service & License
- 362 News and Release
- 74 Security Advisories
- 23 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 101 About Community
- 67 Security Highlight
