Match default rule, DNAT Packet, DROP

Hoygen83Hoygen83 Member Posts: 12
edited March 8, 2020 6:40PM in ZyWALL ATP Series

I just deployed an ATP200 and upgraded his firmware to the V4.35(ABFW.3)

Then I made a nat rule:

from public_ip port xxxx translate to internal_ip port yyyy

I made the relevant security policy:

from wan1 to internal_ip port xxxx allow

I keep getting "Match default rule, DNAT Packet, DROP"

How can I troubleshoot using the web console or the tools inside the firewall and see why DNAT is failing?

Also I would troubleshoot if It is missing a route, or pat (port address translation) is failing or nat (network address) is failing.

Accepted Solution

All Replies

  • Hoygen83Hoygen83 Member Posts: 12

    Trying to troubleshoot the message: "Match default rule, DNAT Packet, DROP"

    i edited the security policy that now is.

    from wan to internal_ip allow all

    and the log message changed, now it is:

    priority:1, from WAN to ANY, TCP, service others, DNAT Packet, ACCEPT

    but if i telnet to public_ip xxxx i still get impossible to get connection.

  • Zyxel_JerryZyxel_Jerry Zyxel Official Agent Posts: 276  mod

    Hi @Hoygen83

    You can check if the telnet service is enabled on the device.

    Go to Configuration > System > TELNET > enable the telnet, and try to telnet again


  • Hoygen83Hoygen83 Member Posts: 12

    thanks the service is up.

    But still i have the issue.

Sign In to comment.