Why can't you establish an SSL VPN connection with the USG Flex H models?

Zyxel_Jeff
Posts: 1,312
Zyxel Employee





in VPN
Question :
Why can't you establish an SSL VPN connection with the USG Flex H models, and why are there "Match default rule DROP" log messages?
Answer :
The possible reason is that the SSL VPN service port is not allowed from the WAN to Device security policy. For example, the Server port of the SSL VPN is 10443.
The user should add a server object for 10443, as shown below:
Add the SSL VPN service object to the service group Default_Allow_WAN_To_AyWALL.
The SSL VPN service port was successfully added to the service port group.
Once this is done, the SSL VPN connection should be established successfully.
Tagged:
0
Categories
- All Categories
- 415 Beta Program
- 2.5K Nebula
- 156 Nebula Ideas
- 106 Nebula Status and Incidents
- 5.9K Security
- 321 USG FLEX H Series
- 286 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 257 Service & License
- 399 News and Release
- 86 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.8K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 87 About Community
- 78 Security Highlight