Filter
Top Products
Chapter 56 Troubleshooting
ZyWALL USG 1000 User’s Guide
881
However, you need to manually edit any address objects for your LAN that are not
based on the interface.
I configured application patrol to allow and manage access to a specific service
but access is blocked.
• If you want to use a service, make sure both the firewall and application patrol
allow the service’s packets to go through the ZyWALL.
• The ZyWALL checks firewall rules before it checks application patrol rules for
traffic going through the ZyWALL.
I configured application patrol to block use of a specific service but a few packet’s
still get through.
The ZyWALL allows the first eight packets to go through the firewall, regardless of
the application patrol policy for the application. The ZyWALL examines these first
eight packets to identify the application.
I configured policy routes to manage the bandwidth of TCP and UDP traffic but the
bandwidth management is not being applied properly.
It is recommended to use application patrol instead of policy routes to manage the
bandwidth of TCP and UDP traffic.
Device HA is not working.
• You may need to disable STP (Spanning Tree Protocol).
• The master and its backups must all use the same device HA mode (either
active-passive or legacy).
• Configure a static IP address for each interface that you will have device HA
monitor.
• Configure a separate management IP address for each interface. You can use it
to access the ZyWALL for management whether the ZyWALL is the master or a
backup. The management IP address should be in the same subnet as the
interface IP address.
• Enable monitoring for the same interfaces on the master and backup ZyWALLs.