Why I cannot add Virtual Ethernet Interface to a Zone

Hello there.
ZYWALL 1100.
I have a zone WAN in which I have included an interface with MTS name. Then, I have created a virtual ethernet interface under MTS:1 name.
When I go to Configuration->Object->Zone screen, I cannot add the virtual interface to the WAN zone.
It could be OK. 
But when I set up From to WAN in Policy Control, firewall drops packets coming to the virtual interface address.
That's strange.
Isn't it a bug? Or I did something wrong?
Thanks.

All Replies

  • Zyxel_VicZyxel_Vic Zyxel Official Agent Posts: 150  mod
    Hi @nbfund
    Can you send me your config file via private message so that I can have more picture about what kind of policy control you had set?

  • Zyxel_StanleyZyxel_Stanley Zyxel Official Agent Posts: 717  mod

    Hi @nbfund

    Welcome to Zyxel community :)

    All of the virtual interface will be the same zone as physical ether interface.

    As your interface setting, MTS is belonging to WAN zone, then MTS:1 will be WAN zone.

     

    According your traffic is blocked by firewall rule issue.

    It is because you are configured wrong zone in the rule.

    All of the interface IP address has configured on ZyWALL, then these IP addresses will belonging to “ZyWALL” zone.

    So if you would like to access to your device by interface IP, then you should add the rule like:

    From: any, To: ZyWALL, Source: any, Destination: InterfaceIP, Action: Allow.

Sign In to comment.