USG Flex 500H - Problems with Services that require authentification
Freshman Member
We have a new USG Flex 500H.
It is set up as firewall and gateway, connected via a known to be stable modem on a stable 1GBit/s fiber optic line.
With the new firewall we now have issues with some services like Outlook, Teams and Jira (Atlassian) where they randomly will no longer load/authentification will fail.
On the firewall we only use the default security policy control rules.
For debugging purposes I have turned of all security services. The issue persists.
In the log (debug) we see a lot of packages from Microsoft servers dropped with the message: "invalid state detected DROP". Connections are usually to ports above 5000 but a lot are also to port 443.
All Replies
-
Have you disabled DoS Prevention
0 -
Yes I have, as I said, everything is turned of except policy control.
0 -
Hi @Niklas_Lauf,
May I know if your firmware version is the latest version? Could you provide the diagnostic info for me to check? I will DM you for the request.
Zyxel Melen0 -
A long shot, but is DoS Prevention loging enabled in "Log & Report → Log Settings → Log Category Settings" under "Security"?
0 -
Hi @bbp,
You can enable logging in Security Policy > DoS Prevention > Profile > each profile. You may reference the screenshot below:
Zyxel Melen1 -
1
-
Feel free to close this. We have given up on our usg flex 500h
0
Guru Member
Zyxel Employee
Ally Member
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 152 Nebula Ideas
- 100 Nebula Status and Incidents
- 5.8K Security
- 286 USG FLEX H Series
- 278 Security Ideas
- 1.5K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.5K Consumer Product
- 251 Service & License
- 396 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 86 About Community
- 75 Security Highlight
