Zyxel USG 110 - WEB ACCESS
DenisPereira
Posts: 8 
Freshman Member
Freshman Member
in Security
Hello,
I have change the default policy of my Zyxel USG 110 to Deny, and since then i am not able to do login in the zyxel.
Any Idea how to get access to him?
I have made an update of firmware from 4.60 to 4.70, and i have a backup of my settings with version 4.60, i will be able to reset and put my Backup of version 4.60?
I have made an update of firmware from 4.60 to 4.70, and i have a backup of my settings with version 4.60, i will be able to reset and put my Backup of version 4.60?
Best Regards,
0
Accepted Solution
-
It's Solved.I have used the follow command:
Router> configure terminal
Router(config)# no firewall activate
0
All Replies
-
Hi
Hope you can access via console port
#enable
#configure terminal
#show secure-policy
Search the rule that cause you can’t access
For example rule1
Disable it
#no secure-policy 1
1 -
Hi @DenisPereira
Yes, you can apply old conf backup file from old fw, if you apply it with option "Ignore errors and finish applying the configuration file"
But if you have access to device via console, you can log to it and disable firewall
# configure terminal
# no secure-policy activate
After that you will can log via web, change default policy and activate firewall again.
1 -
If you have access again you should create a rule for admin access before settig the default policy to DENY.Additionally to protect your admin account, you should change the access port to another port than a well-known port number.Further you should allow the access to admin account from local zone only. Therefore you could deny the access from other zones like WAN, DMZ, etc. at SYSTEM > WWW > Admin Service Control.But anoher questions ... Where you've downloaded the v4.70 from? Our latest revision is v4.65 AAPH.1 WK32.1
-
WJS said:
Hi
Hope you can access via console port
#enable
#configure terminal
#show secure-policy
Search the rule that cause you can’t access
For example rule1
Disable it
#no secure-policy 1
Yes i am able to connect via Console, when i run this command the rule is not listed here. the rule i have change is the last without a number it's like the default "rule"0 -
alexey said:Hi @DenisPereira
Yes, you can apply old conf backup file from old fw, if you apply it with option "Ignore errors and finish applying the configuration file"
But if you have access to device via console, you can log to it and disable firewall
# configure terminal
# no secure-policy activate
After that you will can log via web, change default policy and activate firewall again.i have tried this, but the command "no secure-policy activate" is not recognized0 -
It's Solved.I have used the follow command:
Router> configure terminal
Router(config)# no firewall activate
0 -
The command for Default-Rule reads:secure-policy default-rule action {allow | deny | reject}Try to "allow" it again fo getting back access.
1
Master Member
Categories
- All Categories
- 431 Beta Program
- 2.6K Nebula
- 164 Nebula Ideas
- 112 Nebula Status and Incidents
- 6K Security
- 364 USG FLEX H Series
- 292 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 262 Service & License
- 407 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 83 Security Highlight
