Geography does not work
Freshman Member
wantes to block access from outside austria for an external service.
adde d geo austria , made nat and securriy rule with source austria. Somerimes it work. Other times source is blocked and the block is logged
Log shows ,that the source comes from austria.
bit austria should be unblocked.
Removing geo give access to all and the service works
this problem exists at actual flex series (dont know if h series to) and on older usg. Thonk the problem exists since 4.38
All Replies
-
Hi @webdisaster,
What's the log when the access is blocked? And what's your full security policy list?
Zyxel Melen0 -
Blocked with austrian flag at the end of the line. the strange thing is that sometimes it works
added group GEO. addad austria to group
made Firewall rule and NAT ( not representative - like i do every time on forwarding)
wan to lan1 sourc. GEO dest. 192.168.110.253 (Obj. XPC) service 1001 (XPC-Service) allow
Security Policy Control
Match default rule, DROP
x.x.x.x:53812
192.168.110.253:1001
0 -
If the other end uses a VPN then the rule will not apply
0 -
yes its a vpn. Flex is a VPN Endpoint. want to secure it to specific country
0 -
how does the other end and from where connect to this port 1001?
0
Zyxel Employee
Guru Member
Categories
- All Categories
- 415 Beta Program
- 2.5K Nebula
- 152 Nebula Ideas
- 102 Nebula Status and Incidents
- 5.8K Security
- 305 USG FLEX H Series
- 283 Security Ideas
- 1.5K Switch
- 77 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.5K Consumer Product
- 255 Service & License
- 396 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.7K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 87 About Community
- 77 Security Highlight
