Geography does not work




wantes to block access from outside austria for an external service.
adde d geo austria , made nat and securriy rule with source austria. Somerimes it work. Other times source is blocked and the block is logged
Log shows ,that the source comes from austria.
bit austria should be unblocked.
Removing geo give access to all and the service works
this problem exists at actual flex series (dont know if h series to) and on older usg. Thonk the problem exists since 4.38
All Replies
-
Hi @webdisaster,
What's the log when the access is blocked? And what's your full security policy list?
Zyxel Melen0 -
Blocked with austrian flag at the end of the line. the strange thing is that sometimes it works
added group GEO. addad austria to group
made Firewall rule and NAT ( not representative - like i do every time on forwarding)
wan to lan1 sourc. GEO dest. 192.168.110.253 (Obj. XPC) service 1001 (XPC-Service) allow
Security Policy Control
Match default rule, DROP
x.x.x.x:53812
192.168.110.253:1001
0 -
If the other end uses a VPN then the rule will not apply
0 -
yes its a vpn. Flex is a VPN Endpoint. want to secure it to specific country
0 -
how does the other end and from where connect to this port 1001?
0
Categories
- All Categories
- 415 Beta Program
- 2.5K Nebula
- 156 Nebula Ideas
- 106 Nebula Status and Incidents
- 5.9K Security
- 321 USG FLEX H Series
- 286 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 257 Service & License
- 399 News and Release
- 86 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.8K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 87 About Community
- 78 Security Highlight