Comments
-
The way Rodukas explained this is a bit confusing . But, what is meant by "outside" the ceiling means attached it on the ceiling like a smoke detector (on the sheet rock). Not under the sheet rock or ceiling tiles, so it is not visible when you look up. In large office building, some requirements might be to place the AP…
-
@PeterUK I have disabled App Patrol on this rule and it did not help. The unwanted traffic is still making it through the Rule, ignoring the Source IP filter of 'All Approved WANs'. For clarity, we always set 1:1 NAT to each server as Any Source, Any Service to allow that traffic to flow to the Security Policies. At the…
-
Was able to figure this out with Zxyel Support. In my Approved WAN IP Group I had an open ended SUBNET Object instead of a RANGE Object. Which meant any IP with the range of from the low (.47) to high (.255) was coming through. My fault for overlooking this. Once I switched it to a Static or Range, the Source IP filter…
-
@PeterUK I have disabled App Patrol on this rule and it did not help. The unwanted traffic is still making it through the Rule, ignoring the Source IP filter of 'All Approved WANs'. For clarity, we always set 1:1 NAT to each server as Any Source, Any Service to allow that traffic to flow to the Security Policies. At the…
-
I have a similar issue with a new USGFLEX 200. Only recently, did I notice that all Security Policy Rules IGNORE 'Object Groups' if they are set as the Source IP within the Rule. Which is what mm_bret described above, "I have defined about 20 groups of address ranges in my hacker-reject list." and his spam traffic is…