Problem port forwarding on USG 100-Match default rule, DROP-ACCESS BLOCK

Bob702 Posts: 1
edited April 2021 in Security

Hopefully someone can help me.
I'm trying to port forwarding port 80 to a web server but the firewall is blocking it. I've done this many times before successfully but I'm having an issue this time...

Log shows:
Priority:Notice   Category:Firewall   Message:Match default rule, DROP   Source:(remote pc ip address)   Destination:Webserver_IP:80   Note:ACCESS BLOCK

In Configuration-Network-Firewall  I created a rule from WAN to LAN1 Source: ANY  Destination: LAN1_Subnet  Service: HTTP  Access: Allow
(I've also tried with Source:WAN interface IP address    Destination: Webserver IP address)

In Configuration-Network-NAT  I created NAT rule Type:Virtual Server   Interface: WAN1   Original IP: WAN_IP   Mapped IP: Webserver_IP   Protocol:ANY (also tried HTTP:80)

I also tried creating a Routing rule from WAN1 to Webserver while specifying service and port as well as leaving them set to ANY.

It's like the firewall is ignoring the rule and applying the default DENY rule at the bottom.

Other threads with similar topic haven't help.

Anybody have an idea?


All Replies

Security Highlight