Why can't you establish an SSL VPN connection with the USG Flex H models?
Options
Zyxel_Jeff
Posts: 1,392 
Zyxel Employee
Zyxel Employee
in VPN
Question :
Why can't you establish an SSL VPN connection with the USG Flex H models, and why are there "Match default rule DROP" log messages?
Answer :
The possible reason is that the SSL VPN service port is not allowed from the WAN to Device security policy. For example, the Server port of the SSL VPN is 10443.
The user should add a server object for 10443, as shown below:
Add the SSL VPN service object to the service group Default_Allow_WAN_To_AyWALL.
The SSL VPN service port was successfully added to the service port group.
Once this is done, the SSL VPN connection should be established successfully.
Tagged:
0
Categories
- All Categories
- 442 Beta Program
- 3K Nebula
- 228 Nebula Ideas
- 130 Nebula Status and Incidents
- 6.6K Security
- 648 USG FLEX H Series
- 357 Security Ideas
- 1.8K Switch
- 86 Switch Ideas
- 1.4K Wireless
- 55 Wireless Ideas
- 7.1K Consumer Product
- 304 Service & License
- 496 News and Release
- 94 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 5K FAQ
- 34 Documents
- 89 About Community
- 110 Security Highlight