Why can't you establish an SSL VPN connection with the USG Flex H models?
Options
Zyxel_Jeff
Posts: 1,338 
Zyxel Employee
Zyxel Employee
in VPN
Question :
Why can't you establish an SSL VPN connection with the USG Flex H models, and why are there "Match default rule DROP" log messages?
Answer :
The possible reason is that the SSL VPN service port is not allowed from the WAN to Device security policy. For example, the Server port of the SSL VPN is 10443.
The user should add a server object for 10443, as shown below:
Add the SSL VPN service object to the service group Default_Allow_WAN_To_AyWALL.
The SSL VPN service port was successfully added to the service port group.
Once this is done, the SSL VPN connection should be established successfully.
Tagged:
0
Categories
- All Categories
- 435 Beta Program
- 2.7K Nebula
- 183 Nebula Ideas
- 120 Nebula Status and Incidents
- 6.2K Security
- 440 USG FLEX H Series
- 299 Security Ideas
- 1.6K Switch
- 80 Switch Ideas
- 1.2K Wireless
- 44 Wireless Ideas
- 6.7K Consumer Product
- 276 Service & License
- 433 News and Release
- 88 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 84 About Community
- 91 Security Highlight