Geography does not work
Freshman Member
wantes to block access from outside austria for an external service.
adde d geo austria , made nat and securriy rule with source austria. Somerimes it work. Other times source is blocked and the block is logged
Log shows ,that the source comes from austria.
bit austria should be unblocked.
Removing geo give access to all and the service works
this problem exists at actual flex series (dont know if h series to) and on older usg. Thonk the problem exists since 4.38
All Replies
-
Hi @webdisaster,
What's the log when the access is blocked? And what's your full security policy list?
Zyxel Melen0 -
Blocked with austrian flag at the end of the line. the strange thing is that sometimes it works
added group GEO. addad austria to group
made Firewall rule and NAT ( not representative - like i do every time on forwarding)
wan to lan1 sourc. GEO dest. 192.168.110.253 (Obj. XPC) service 1001 (XPC-Service) allow
Security Policy Control
Match default rule, DROP
x.x.x.x:53812
192.168.110.253:1001
0 -
If the other end uses a VPN then the rule will not apply
0 -
yes its a vpn. Flex is a VPN Endpoint. want to secure it to specific country
0 -
how does the other end and from where connect to this port 1001?
0
Zyxel Employee
Guru Member
Categories
- All Categories
- 426 Beta Program
- 2.6K Nebula
- 163 Nebula Ideas
- 112 Nebula Status and Incidents
- 6K Security
- 345 USG FLEX H Series
- 289 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 261 Service & License
- 404 News and Release
- 86 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.8K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 82 Security Highlight
