Flex 200 and public web server
Freshman Member
I have a new Flex 200 and it's all set up and configured. I have NAT/Sec Policies for SIP and SSH working as expected, but I can't get Remote Desktop Services and a WEB server accessible from the outside. Note - the RDS is coming in on a different public IP than the web server so I have NAT policies for each of the two IPs sending that traffic to their respective private servers.
I created address objects and wrote NAT policies and Security Policies for the WEB server and I can't access it externally.
The Flex is managed on 8443 so I don't think that's my issue. I'm getting a
Match default rule, DNAT Packet, DROP
error in the log. It's for a Security Policy so I'm thinking I'm missing something in the sec pol, but I can't figure out what it is.
Anyone have any ideas?
Thanks
New INFO: If I switch the default rule to allow, I get an error that I've exposed the mgt interface and the SSLVPN to access from the internet so I'm pretty sure it has something to do with that.
Accepted Solution
-
Maybe you need to change the SSLVPN port too? VPN > SSL VPN > Global setting tab
you then need Policy Control from WAN to LAN
1
Guru Member
All Replies
-
Maybe you need to change the SSLVPN port too? VPN > SSL VPN > Global setting tab
you then need Policy Control from WAN to LAN
1 -
SSLVPN is already set to 9443 and I do have a policy set to allow https traffic on the public IP directed to the web server.
0 -
I added the WAN to LAN1 policy and it's working. Thank you.
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 151 Nebula Ideas
- 98 Nebula Status and Incidents
- 5.7K Security
- 277 USG FLEX H Series
- 277 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.4K Consumer Product
- 250 Service & License
- 395 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 75 Security Highlight
