Zyxel USG 110 - WEB ACCESS
DenisPereira
Posts: 8
in Security
Hello,
I have change the default policy of my Zyxel USG 110 to Deny, and since then i am not able to do login in the zyxel.
Any Idea how to get access to him?
I have made an update of firmware from 4.60 to 4.70, and i have a backup of my settings with version 4.60, i will be able to reset and put my Backup of version 4.60?
I have made an update of firmware from 4.60 to 4.70, and i have a backup of my settings with version 4.60, i will be able to reset and put my Backup of version 4.60?
Best Regards,
0
Accepted Solution
-
It's Solved.I have used the follow command:
Router> configure terminal
Router(config)# no firewall activate
0
All Replies
-
Hi
Hope you can access via console port
#enable
#configure terminal
#show secure-policy
Search the rule that cause you can’t access
For example rule1
Disable it
#no secure-policy 1
1 -
Hi @DenisPereira
Yes, you can apply old conf backup file from old fw, if you apply it with option "Ignore errors and finish applying the configuration file"
But if you have access to device via console, you can log to it and disable firewall
# configure terminal
# no secure-policy activate
After that you will can log via web, change default policy and activate firewall again.
1 -
If you have access again you should create a rule for admin access before settig the default policy to DENY.Additionally to protect your admin account, you should change the access port to another port than a well-known port number.Further you should allow the access to admin account from local zone only. Therefore you could deny the access from other zones like WAN, DMZ, etc. at SYSTEM > WWW > Admin Service Control.But anoher questions ... Where you've downloaded the v4.70 from? Our latest revision is v4.65 AAPH.1 WK32.1
-
WJS said:
Hi
Hope you can access via console port
#enable
#configure terminal
#show secure-policy
Search the rule that cause you can’t access
For example rule1
Disable it
#no secure-policy 1
Yes i am able to connect via Console, when i run this command the rule is not listed here. the rule i have change is the last without a number it's like the default "rule"0 -
alexey said:Hi @DenisPereira
Yes, you can apply old conf backup file from old fw, if you apply it with option "Ignore errors and finish applying the configuration file"
But if you have access to device via console, you can log to it and disable firewall
# configure terminal
# no secure-policy activate
After that you will can log via web, change default policy and activate firewall again.i have tried this, but the command "no secure-policy activate" is not recognized0 -
The command for Default-Rule reads:secure-policy default-rule action {allow | deny | reject}Try to "allow" it again fo getting back access.
1
Ally Member
Master Member
Categories
- All Categories
- 192 Beta Program
- 1.7K Nebula
- 93 Nebula Ideas
- 63 Nebula Status and Incidents
- 4.7K Security
- 236 Security Ideas
- 1.1K Switch
- 51 Switch Ideas
- 920 WirelessLAN
- 28 WLAN Ideas
- 5.4K Consumer Product
- 174 Service & License
- 296 News and Release
- 65 Security Advisories
- 14 Education Center
- 1K FAQ
- 453 Nebula FAQ
- 258 Security FAQ
- 100 Switch FAQ
- 115 WirelessLAN FAQ
- 22 Consumer Product FAQ
- 67 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 69 About Community
- 52 Security Highlight
