• force outgoing through the xfrm interface
    Gib GoDesk
    Hello, everyone. I created a DNAT rule. I receive the communication on the local interface at the SFW's IP address on the LAN and translate it to another destination that is remote on the VPN. I force...
  • 2 WAN-Links (use primary one, and only if failover the second) - Problem with DNAT on failover Interface
    nils50122
    Hello, we have an question because in the past we have problems with DNAT when configuring our two WAN-links as active/passive. As a workaround we configured the two interfaces as active/active,...
  • AD Accounts locked by brute force despite MFA & ACL rule
    Markus Quirmbach
    Hello everyone, we have a XGS set up with SSL VPN, the VPN Portal, AD integration and MFA for every user. Currently we are facing brute force attacks on the VPN Portal. We tried to prevent those by setting...
  • No way to allow web proxy access from the WAN interface?
    dirkkotte
    Is it correct, that it is not possible to access the web proxy via the WAN interface, even if there is a suitable ‘Local service ACL exception rule’ ... or does anyone have a solution for this? I always...
  • HA link zone?
    Quallensaft
    What's "best practice" regarding HA link network? - at the moment my HA link network (physical port / peer2peer) is zone DMZ -> not cool because SSH access for DMZ zone must be activated or HA will not...