V4.32 NAT port 80 and 443 not allowed

Zyxel_Cooldia
Zyxel_Cooldia Posts: 1,426  Zyxel Employee
First Anniversary 10 Comments Friend Collector First Answer
edited August 2022 in Security Ideas

This discussion was created from comments split from: V4.32 NAT port 80 and 443 not allowed

Description: For NAT port mapping setting, add a check box override or even a check how the GUI is being accessed (a smarter check) to know the user can still log in after the rule

0 votes

Active · Last Updated

Comments

  • Jasper
    Jasper Posts: 1
    First Comment
    Is this issue going to be addressed in a future firmware? I realize that I can change the Zywall web interface port but this is not desired since I do not care or want to access the Zywall web interface over the WAN interface.
  • This is pure stupidity. What you are saying here is that your customer running a WEB server cannot use your product without modifying the internal port of the Zywall GUI ????

    And secondly basic security tells you that you NEVER EVER open any firewall services to the WAN! Why would Zywall then "consume" that port?

    Fix it!

  • PeterUK
    PeterUK Posts: 2,655  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer

    What I don't get is you can NAT port 22 without conflict! if you have SSH enabled! so why ports 443 and 80 but not 22? the user with one WAN IP should already understand that if you NAT ports 443 and 80 the Zywall GUI can only be accessed on the LAN side unless changed.

  • FrankNL
    FrankNL Posts: 1
    First Comment
    edited July 2020
    Same problem with ATP700 running 4.55.

    Edit: Found a workaround. Create a Service-Group and add http and/or https. Select the service group instead of the the service when you create a nat rule. The GUI doesn't check for port conflicts within service-groups.