Knowledge Base

Why am I getting "Match default rule, DROP" on NSG event log?

Question

Why am I getting "Match default rule, DROP" on NSG event log?

Answer

There are default firewall rules configured on NSG, such as: Allow LAN outgoing, VLAN outgoing, Deny web access to NSG.
The last entry of default rules is to deny all traffic that doesn't match all higher priority firewall rules including outbound rules and NAT rules that are configured on Nebula Cloud.
The default drop rule's purpose, is to block some unnecessary traffic or attacker's traffic to protect LAN network because NSG is exposed to the Internet when it is using public IP on its WAN interface.
 
Example:
Same concept from USG



YES NO

Please leave your comment:

SUBMIT

Question Profile

LANGUAGE:
ARTICLE ID:017951
TYPE:General Info
FIRMWARE:V1.33(ABHP.2)
VIEWS:66
VOTES:0
TECHNOLOGY:
MODEL:NSG100,NSG200,NSG300 (view more model name)

Still have trouble with your device? Contact Zyxel technology support team directly!

Contact Zyxel Support