USG Flex 500H - Problems with Services that require authentification
Freshman Member
We have a new USG Flex 500H.
It is set up as firewall and gateway, connected via a known to be stable modem on a stable 1GBit/s fiber optic line.
With the new firewall we now have issues with some services like Outlook, Teams and Jira (Atlassian) where they randomly will no longer load/authentification will fail.
On the firewall we only use the default security policy control rules.
For debugging purposes I have turned of all security services. The issue persists.
In the log (debug) we see a lot of packages from Microsoft servers dropped with the message: "invalid state detected DROP". Connections are usually to ports above 5000 but a lot are also to port 443.
All Replies
-
Have you disabled DoS Prevention
0 -
Yes I have, as I said, everything is turned of except policy control.
0 -
Hi @Niklas_Lauf,
May I know if your firmware version is the latest version? Could you provide the diagnostic info for me to check? I will DM you for the request.
0 -
A long shot, but is DoS Prevention loging enabled in "Log & Report → Log Settings → Log Category Settings" under "Security"?
0 -
Hi @bbp,
You can enable logging in Security Policy > DoS Prevention > Profile > each profile. You may reference the screenshot below:
1 -
1
-
Feel free to close this. We have given up on our usg flex 500h
0
Guru Member
Zyxel Employee
Ally Member
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 212 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 82 About Community
- 71 Security Highlight
