Port 8080 in Default_Allow_WAN_To_ZyWALL
Hi,
in the ATP 500 Zyxel configuration, among The service groups, in the Group "Default_Allow_WAN_To_ZyWALL" I can see it does include the service Wiz_2FA port 8080.
What is the usage of this service in the WAN to ZyWALL comunication?
I am asking this cause in the log of the firewall i can notice many Forward access from different countries to zyWall and I Wonder if this is something unsafe that could be blocked.
Thanks in advance for your answers
Regards
Filippo
Regards
Filippo
0
Best Answers
-
Hi @xkp68
The service port 8008 for two-factor-authentication portal page in default setting.
If your VPN tunnel doesn't require for 2FA, you can remove the object from policy control rule.
Or add the rule to allow the trusted incoming IP address by GeoIP object.
0 -
Hi @xkp68
The "client" I mentioned means Internet people accessing to your Device.
Since your rule is:
From: WAN, To: ZyWALL, Action: Allow.
If there is other rule with higher priority with the same condition, then traffic will match first.0
All Replies
-
Hi @xkp68
The service port 8008 for two-factor-authentication portal page in default setting.
If your VPN tunnel doesn't require for 2FA, you can remove the object from policy control rule.
Or add the rule to allow the trusted incoming IP address by GeoIP object.
0 -
Thanks for your kind reply.So, as we are using 2FA,(1)is it ok if I just modify the existing rule "WAN_to_Device" so that the field "IPV4 Source" will change from "any" to your "Geo-Germany" GeoIp Object (of course properly configured with my country).?Or
(2) should i remove the 8080 from the "Default_Allow_WAN_To_ZyWALL" and then create a new rule only for 8080 from WAN to ZyWall with the field "IPV4 Source" setted to your "Geo-Germany" GeoIp Object?Considering that no one manages the Device from outside the country or uses the VPN, and that I have noticed, in the log, many connections even to other ports of the Default_Allow_WAN_To_ZyWALL group, i wish i could use the first approach, but i am not sure if there are other side effects if i follow the (1) approach instead of the (2).Any advice?By the way, if i want to apply the rule to a group of coutries, creating a geoip object for each country and then creating an address group for all the geoip objects to which i will apply the rule is the only way?
Regards0 -
Hi @xkp68
If all of your clients are come from the same country, you can keep current configuration and change object from "any" to "Geo-Germany".
If clients are come from many countries, you can separate it as new rule.0 -
Hi again,
when u use the word "client" do u mean only VPN client or any people accessing services behind the firewall?
Thanks again0 -
Hi @xkp68
The "client" I mentioned means Internet people accessing to your Device.
Since your rule is:
From: WAN, To: ZyWALL, Action: Allow.
If there is other rule with higher priority with the same condition, then traffic will match first.0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 148 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight