Ghost traffic

nacho
nacho Posts: 10  Freshman Member
First Comment Friend Collector Fifth Anniversary
Hello,
I cannot access a service/port when the firewall (security policy) is enabled, but the traffic goes through when it is disabled.
However, I cannot see the traffic entry in the logs so I can whitelist it and reenable my firewall.

Kindly advise

Model: USG1100

Accepted Solution

  • Zyxel_Kevin
    Zyxel_Kevin Posts: 888  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 500 Comments
    Answer ✓
    Hi @nacho,
    The asymmetric route led to the issue.
    Create a policy based route on the L3 device where under the firewall to ensure the return traffic through the firewall.
    The issue was resolved. Thanks your time.
    Kevin

All Replies

  • Zyxel_Kevin
    Zyxel_Kevin Posts: 888  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 500 Comments
    Hi @nacho
    Please check you don't have the rule such like Src:LAN DST:WAN ACT:Block
    And kindly provide your configuration via Private Message. 
    I'll check and give the advice. 
    Thank you

  • nacho
    nacho Posts: 10  Freshman Member
    First Comment Friend Collector Fifth Anniversary
    Okay i will send the configuration.
    Actually it is WAN to DMZ 
  • Zyxel_Kevin
    Zyxel_Kevin Posts: 888  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 500 Comments
    Hi @nacho
    I saw each WAN to DMZ rules have restricted destination IP.
    If only specific address cannot pass , please check you have the rule for the destination addresses.

    If the issue still we can have the remote session and please send your available time. 
    Thank you
    Kevin

  • nacho
    nacho Posts: 10  Freshman Member
    First Comment Friend Collector Fifth Anniversary
    Hi @Zyxel_Kevin
    We can do on Friday(04/11/2022) - 9am gmt+1
  • Zyxel_Kevin
    Zyxel_Kevin Posts: 888  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 500 Comments
    Hi @nacho
    Please provide remote information at that time. 
    Thank you

  • Zyxel_Kevin
    Zyxel_Kevin Posts: 888  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 500 Comments
    Answer ✓
    Hi @nacho,
    The asymmetric route led to the issue.
    Create a policy based route on the L3 device where under the firewall to ensure the return traffic through the firewall.
    The issue was resolved. Thanks your time.
    Kevin

Security Highlight