No access to website on webserver using Flex500

PeterHer
PeterHer Posts: 18  Freshman Member
First Comment Fifth Anniversary
edited July 16 in Security

Hi All,

According to this document:
https://support.zyxel.eu/hc/en-us/articles/360001390934-Zyxel-Firewall-Network-Address-Translation-NAT-Configure-1-1-NAT-and-Many-1-1-NAT-on-Zyxel-Firewall-USGFLEX-ATP-VPN

I tried to setup access to my website.


But there is a problem. There is no connection.
https://www.grc.com/intro.htm shows that port 80 is open.

Flex500 log shows:
Public IP address source:(some random number) to Local IP address destination:80 ACCESS FORWARD.
I temporary set IP Exception to bypass a specific IP address. Set Application Patrol to none.
Also the log shows : ACCESS FORWARD for all items to by pass.

Running Wireshark on the server shows:


I am not very familiar with Wireshark, but googling this, shows that this is not good.
The same problem happens with port 21 and 22. (I disabled System → FTP on FLEX).
I tried 1:1 NAT instead of Virtual server, disabling NAT loopback, but with no good results.
Also tried to disable firewall on server. Telnet can also not connect to the server.
Website is running if I try this connect on the server.
Any idea how to solve this?

All Replies

  • Zyxel_Melen
    Zyxel_Melen Posts: 2,577  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate

    Hi @PeterHer,

    Could you create a policy rule to allow me to check your settings? I will DM you the information to allow which public IP.

    Zyxel Melen


  • PeterUK
    PeterUK Posts: 3,461  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited July 18

    Disable your NAT rules and scan to port again to see if it shows open

    is WAN1 getting the WAN IP directly?

    Could your ISP be doing shared NAT with your WAN IP?

Security Highlight