I have a managed route configured and I am trying to implement flow rules.
No matter what I do, I get blocked unless I configure them to accept all.
My guess is that the accept action kind of breaks the “redirect” of the managed route.

What am I missing?

The managed router is

# Allow access to relevant servers and services
accept ipprotocol tcp ipdest dport 81;
accept ipprotocol tcp ipdest dport 8080-8086;
accept ipprotocol tcp ipdest dport 5000 or dport 9000 or dport 9001;
accept ipprotocol rdp ipdest;
# Drop All

Hey there. Flow rules aren’t your standard stateful firewall. What your rules are telling the ZT network is that ONLY packets going to the hosts in your ruleset are allowed. What about the return packets FROM those servers/services? As your ruleset exists right now, those return packets are not allowed. That’s why you’re seeing traffic cut off.
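Added example, not part of the original thread: a simplified Python model of stateless, default-drop rule matching (not ZeroTier's own engine) that runs a request and its reply through the ruleset from the question, then through the same ruleset with mirrored source-side rules. The addresses are constructed placeholders, since the post omits the real ones, and mirroring is only one possible way to admit return traffic.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str
    sport: int
    dport: int

@dataclass(frozen=True)
class Rule:
    """One accept rule; a field left unset matches anything."""
    proto: str
    ipsrc: Optional[str] = None
    ipdest: Optional[str] = None
    sports: tuple = ()   # inclusive (low, high) port ranges
    dports: tuple = ()

    def matches(self, p: Packet) -> bool:
        def in_ranges(port, ranges):
            return not ranges or any(lo <= port <= hi for lo, hi in ranges)
        return (p.proto == self.proto
                and self.ipsrc in (None, p.src)
                and self.ipdest in (None, p.dst)
                and in_ranges(p.sport, self.sports)
                and in_ranges(p.dport, self.dports))

def evaluate(rules, p: Packet) -> str:
    """Stateless: every packet is judged alone; no match means drop."""
    return "accept" if any(r.matches(p) for r in rules) else "drop"

SERVER = "10.0.0.10"    # constructed placeholder for the elided ipdest
CLIENT = "10.147.17.5"  # constructed client address
PORTS = ((81, 81), (8080, 8086), (5000, 5000), (9000, 9001))

# The ruleset from the question: destination-side matches only.
ONE_WAY = [Rule("tcp", ipdest=SERVER, dports=PORTS), Rule("rdp", ipdest=SERVER)]
# Same rules plus mirrored source-side matches for the return direction.
BOTH_WAYS = ONE_WAY + [Rule("tcp", ipsrc=SERVER, sports=PORTS),
                       Rule("rdp", ipsrc=SERVER)]

def exchange(rules, port: int, client_port: int = 50000):
    """Return the verdicts for (client request, server reply) on one TCP port."""
    request = Packet("tcp", CLIENT, SERVER, client_port, port)
    reply = Packet("tcp", SERVER, CLIENT, port, client_port)
    return evaluate(rules, request), evaluate(rules, reply)

if __name__ == "__main__":
    for name, rules in (("one-way", ONE_WAY), ("both-ways", BOTH_WAYS)):
        print(name, {port: exchange(rules, port) for port in (81, 8083, 22)})
```

The mirrored rules accept any TCP packet from the server whose source port is in the list, not only replies to an existing connection, which is the trade-off of filtering without connection state.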

