firewall turning on vpn50

ktv
ktv Posts: 5
First Comment
edited April 2021 in Security
Hi,
I've got a simply question about turning on firewall rules- my client has zyxel vpn50 device, and as I see there is no check on   Enable Policy Control, does it means that all rules are not working and router is allowing for any data transfer?

Can I safely change Action in (last) default rule to ALLOW, and then Enable Policy Control? (router is working as VPN server, it has some port forward rules in NAT section)?
I ask becouse router has open Remote Managment (443) port which I want to disable it on WAN interface (I can do it remotely ond I dont want to screw his rules and internet sharing ).. 




Best Answers

  • jasailafan
    jasailafan Posts: 193  Master Member
    5 Answers First Comment Friend Collector Sixth Anniversary
    Answer ✓
    It is not safe to change the default rule to ALLOW. If you want to disable Remote Management (443) port on WAN interface, just remove HTTPS from the group object Default_Allow_WAN_To_ZyWALL.
  • PeterUK
    PeterUK Posts: 3,331  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    Answer ✓
    ktv said:
    ... and as I see there is no check on   Enable Policy Control, does it means that all rules are not working and router is allowing for any data transfer?

    Correct which is bad....very bad :o

All Replies

  • jasailafan
    jasailafan Posts: 193  Master Member
    5 Answers First Comment Friend Collector Sixth Anniversary
    Answer ✓
    It is not safe to change the default rule to ALLOW. If you want to disable Remote Management (443) port on WAN interface, just remove HTTPS from the group object Default_Allow_WAN_To_ZyWALL.
  • PeterUK
    PeterUK Posts: 3,331  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    Answer ✓
    ktv said:
    ... and as I see there is no check on   Enable Policy Control, does it means that all rules are not working and router is allowing for any data transfer?

    Correct which is bad....very bad :o
  • ktv
    ktv Posts: 5
    First Comment
    Thank you for assistance, everything , evrything goes well :)

Security Highlight