I've update one XG105 to Firmware 17.5 MR12 and can't access the Webadmin now from WAN.
The Device access for Admin services (HTTPS, ssh) is not allow on the WAN, but there are some Local service ACL exception rules which accept this services from our admin networks. I know there is an issue with this exceptions in MR10 & MR11 (NC-58339) but a fix for the next maintenance release was targeted.
@Sophos: Is this fix in MR12?
Has anybody else this setup working with MR12?
Did you have an Any-Any drop firewall rule configured? If so, you should disable this as the firewall has an implicit default drop rule (rule 0).
The fix for NC-58339 is tentatively scheduled for 17.5 MR13.
It seems that the fix it's not available in 17.5 MR13 too.
I received an update from our development team. The fix for this issue (NC-58339) is now tentatively scheduled to be included in the upcoming SFOS v17.5 MR14 release.