V4.32 NAT port 80 and 443 not allowed

Zyxel_Cooldia
Zyxel_Cooldia Posts: 1,511  Zyxel Employee
Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments
edited July 2 in Security Ideas

This discussion was created from comments split from: V4.32 NAT port 80 and 443 not allowed

Description: For NAT port mapping setting, add a check box override or even a check how the GUI is being accessed (a smarter check) to know the user can still log in after the rule

0 votes

Active · Last Updated

Comments

  • Jasper
    Jasper Posts: 1  Freshman Member
    First Comment
    Is this issue going to be addressed in a future firmware? I realize that I can change the Zywall web interface port but this is not desired since I do not care or want to access the Zywall web interface over the WAN interface.
  • dagnygren
    dagnygren Posts: 1  Freshman Member
    First Comment

    This is pure stupidity. What you are saying here is that your customer running a WEB server cannot use your product without modifying the internal port of the Zywall GUI ????

    And secondly basic security tells you that you NEVER EVER open any firewall services to the WAN! Why would Zywall then "consume" that port?

    Fix it!

  • PeterUK
    PeterUK Posts: 3,460  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    What I don't get is you can NAT port 22 without conflict! if you have SSH enabled! so why ports 443 and 80 but not 22? the user with one WAN IP should already understand that if you NAT ports 443 and 80 the Zywall GUI can only be accessed on the LAN side unless changed.

  • FrankNL
    FrankNL Posts: 1  Freshman Member
    First Comment
    edited July 2020
    Same problem with ATP700 running 4.55.

    Edit: Found a workaround. Create a Service-Group and add http and/or https. Select the service group instead of the the service when you create a nat rule. The GUI doesn't check for port conflicts within service-groups.