USG 4.33 Firmware Available - Experiences?

124»

All Replies

  • AntonioX
    AntonioX Posts: 6  Freshman Member
    First Comment Friend Collector First Anniversary
    I'd like to say "Thank you" to @Zyxel_Charlie. He found the problem.

    I enabled the "web authentication" and I had 3 rules, in this order:
    - one to allow some internal servers and some VOIP phones to go to internet without authentication
    (Incoming: LAN1 - Source: free_internet_group - Destination: any - Authentication: unnecessary)
    - one to force all LAN1 subnet pc to authenticate with SSO (some user in certain AD groups are allowed to use internet)
    (Incoming: LAN1 - Source: LAN_1_SUBNET - Destination: any - Authentication: SSO)
    - one (the default rule) to require authentication to all
    (Incoming: any - Source: any - Destination: any - Authentication: required)

    @Zyxel_Charlie wrote me to create another rule on the top:
    Incoming: any
    Source: any
    Destination: the IP of the internal server to be accessible from the outside
    Authentication: unnecessary

    And now I can see my internal servers from outside.

    Thanks!!! 

Security Highlight