# Hardware Firewall problems with Access Control (ACL) Rules



## ardani (Aug 24, 2016)

Hy,
I am trying very hard to set up my hardware firewall. Its a Zyxel SBG 3500 bn.

I once configured a Zyxel firewall and i thought it would work the same way. 
Big problem: When i activate the last rule (default rule) i have no acess to internet (some old fashioned sites can be openend, but facebook, youtube etc. can't).

I have attached to images of the configuration, does anybody have a clue?
All rules were defined by myself.
Second picture shows the defined Port Template for https, http looks the same but with port 80.
Looking forward to find an answer from a knowing person, would help me much!


----------



## MitchConner (May 8, 2015)

Hmm.

The second image (adding a protocol), seems a little odd to me. Protocol 0 is (from memory) for an IPv6 function, it should be 4 for IPv4.

Try changing rules 2 & 3 to match the others using TCP 80 & TCP 443.

Pro tip: You don't need that reject rule at the top as it will be caught by the default deny at the bottom.


----------



## ardani (Aug 24, 2016)

Hy Mitch, thank you for response.

Thanks for the pro tip, i absolutely agree.
But Protocol 0 is just the template and default value for adding ports, but very clever from your side!

Today about 02:00 oclock in the morning i decided to ship this **&/=)/!**' device back.
I am using a Zyxel USG200, and it works perfectely. I think when i manage to get the USG200 working its definitely not me being the problem.
The SBG3500 is A) defect or B) **&/=)/!**' . 
Appologies to shout before getting all options clarified, but thanks for your reply.

i will close that issue, regards


----------

