firewall turning on vpn50

Options
ktv
ktv Posts: 5
First Comment
edited April 2021 in Security
Hi,
I've got a simply question about turning on firewall rules- my client has zyxel vpn50 device, and as I see there is no check on   Enable Policy Control, does it means that all rules are not working and router is allowing for any data transfer?

Can I safely change Action in (last) default rule to ALLOW, and then Enable Policy Control? (router is working as VPN server, it has some port forward rules in NAT section)?
I ask becouse router has open Remote Managment (443) port which I want to disable it on WAN interface (I can do it remotely ond I dont want to screw his rules and internet sharing ).. 




Best Answers

  • jasailafan
    jasailafan Posts: 191  Master Member
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options
    It is not safe to change the default rule to ALLOW. If you want to disable Remote Management (443) port on WAN interface, just remove HTTPS from the group object Default_Allow_WAN_To_ZyWALL.
  • PeterUK
    PeterUK Posts: 2,714  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options
    ktv said:
    ... and as I see there is no check on   Enable Policy Control, does it means that all rules are not working and router is allowing for any data transfer?

    Correct which is bad....very bad :o

All Replies

  • jasailafan
    jasailafan Posts: 191  Master Member
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options
    It is not safe to change the default rule to ALLOW. If you want to disable Remote Management (443) port on WAN interface, just remove HTTPS from the group object Default_Allow_WAN_To_ZyWALL.
  • PeterUK
    PeterUK Posts: 2,714  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Answer ✓
    Options
    ktv said:
    ... and as I see there is no check on   Enable Policy Control, does it means that all rules are not working and router is allowing for any data transfer?

    Correct which is bad....very bad :o
  • ktv
    ktv Posts: 5
    First Comment
    Options
    Thank you for assistance, everything , evrything goes well :)

Security Highlight