TCP port 853 being routed to wrong interface
USG60W V4.62
routing rules
| user | incoming | source | destination | Service | next-hop | SNAT |
|---|---|---|---|---|---|---|
| any | vlan4093 | any | IP192168532 | DNS | vlan53 | IP1921685311 |
| any | vlan4093 | any | IP1921685312 | DNS | vlan53 | IP1921685315 |
| any | vlan4093 | any | any | any | wan2 | none |
DNS service is port 53 UDP and TCP
Logs
Security Policy Control | Match default rule, DROP [count=3] | 192.168.253.1:41822 | vlan4093 | 192.168.53.12:853 | vlan53 | tcp | ACCESS BLOCK
Security Policy Control | Match default rule, DROP [count=3] | 192.168.253.1:40828 | vlan4093 | 192.168.53.2:853 | vlan53 | tcp | ACCESS BLOCK
The next hop for port 853 should be WAN2
All Replies
-
Hi @PeterUK, has this issue been there all this while? Or does it only happen occasionally? And when it happens, what did you do to recover it? Could you send me your configuration file in PM for further checking?
-
I'm not sure when this bug happened. I know every time I turn on the WiFi on my phone it happens. Port 853 is DNS over TLS.
-
It's one of those things where you think it's wrong when in fact it's correct!
Because I have a 192.168.53.0/27, it routes to that no matter what routing rules you have, unless you use Overwrite Direct Route.
Case closed
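
A simplified model of the lookup order described in the last reply, added here as an example (it is not from the thread and not Zyxel's code). It assumes the address objects IP192168532 and IP1921685312 are the hosts seen in the logs, that vlan4093 is 192.168.253.0/24, and uses hypothetical function names.

```python
import ipaddress

# Connected (direct) networks. 192.168.53.0/27 on vlan53 is from the thread;
# the vlan4093 prefix length is an assumption.
DIRECT = {
    "vlan53": ipaddress.ip_network("192.168.53.0/27"),
    "vlan4093": ipaddress.ip_network("192.168.253.0/24"),
}

DNS = {("udp", 53), ("tcp", 53)}  # "DNS service is port 53 UDP and TCP"

# Policy routes from the thread: (incoming, destination, service, next hop).
# None means "any". Destination IPs are assumed from the log entries.
POLICY = [
    ("vlan4093", "192.168.53.2", DNS, "vlan53"),
    ("vlan4093", "192.168.53.12", DNS, "vlan53"),
    ("vlan4093", None, None, "wan2"),
]


def policy_lookup(incoming, dst, proto, port):
    """Return the next hop of the first matching policy route, or None."""
    for rule_in, rule_dst, service, next_hop in POLICY:
        if rule_in != incoming:
            continue
        if rule_dst is not None and ipaddress.ip_address(rule_dst) != dst:
            continue
        if service is not None and (proto, port) not in service:
            continue
        return next_hop
    return None


def egress(incoming, dst, proto, port, overwrite_direct_route=False):
    """Pick the egress interface for one flow under the modelled order."""
    dst = ipaddress.ip_address(dst)
    direct = next((i for i, net in DIRECT.items() if dst in net), None)
    # A destination inside a connected subnet follows the direct route
    # unless policy routes are allowed to overwrite it.
    if direct and not overwrite_direct_route:
        return direct
    return policy_lookup(incoming, dst, proto, port) or direct


if __name__ == "__main__":
    # The two dropped flows from the logs (TCP 853, DNS over TLS).
    for host in ("192.168.53.12", "192.168.53.2"):
        print(host, egress("vlan4093", host, "tcp", 853),
              egress("vlan4093", host, "tcp", 853, overwrite_direct_route=True))
```

In this model the logged TCP 853 flows leave via vlan53 by the direct route, where no security policy allows them, so the default rule drops them; with the overwrite enabled they fall through the two DNS rules and match the catch-all rule to wan2.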