USG20-VPN -> Security policy -> Default rule
Hi there,
We own a USG20-VPN running as our gateway-firewall with the wan-nic connected to the Internet.
Checking the configuration we've found something i (hope) don't understand.
What looks to me like the default (catch-all) rule is set to "Allow"…(see image) but i was expecting to find it set to "Deny" !
There is something i'm missing or our firewall is really allowing traffic from everywhere ?
Thanks
All Replies
-
Some how it changed but you can set it to deny and log again.
0 -
Hi @Escagency,
Welcome to Zyxel Community!
Based on the picture you provided, we recommend editing the default policy action to 'deny', or upgrading your device to the latest firmware version V5.40(ABAQ.0).
Before updating the firmware, please download and back up the current running
startup-config.conf
file. from MAINTENANCE > File Manager > Configuration File.The following steps describe procedures to upload firmware and reboot the device.
- Upload firmware to the standby partition.
- Click Yes to reboot the Zyxel Device.
- The firmware you uploaded is copied from the standby partition to the running partition.
- Your current configuration settings are saved.
- The Zyxel Device reboots. The firmware you uploaded becomes the running firmware. Your current
configuration settings are applied.
Zyxel Tina
0 - Upload firmware to the standby partition.
Categories
- All Categories
- 435 Beta Program
- 2.7K Nebula
- 176 Nebula Ideas
- 118 Nebula Status and Incidents
- 6.1K Security
- 428 USG FLEX H Series
- 298 Security Ideas
- 1.6K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 44 Wireless Ideas
- 6.7K Consumer Product
- 274 Service & License
- 419 News and Release
- 88 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 89 Security Highlight