Have a smaller client that has been using a Cyberoam CR15ing for quite a with a Google Fiber connection and a LAN of about 15 endpoints. They recently moved, but the ISP is still Google Fiber. They had to leave the GF box, but we configured the new one identical to the original. So the only difference should be the public / external IP of the GF box - which is set with the CR15ing as the "DMZ" (all traffic passed through to this device). This is bridge-mode setting for the GF box, but the Cyberoam still gets an internal IP on its WAN side. Not sure any of this matters, as the exact same config worked for years at the previous location with same ISP, same hardware, act.
At the new location, the internet connection and outbound traffic seems fine, but the inbound is not working right. Some traffic is getting through, but it seems selective. The FTP virtual host / port-forward is not allowing a external connection, but I cannot figure out why.
The firewall logs are not showing anything hitting port 21.
Also, we keep getting a flood of Local ACL denied events in the firewall log.
See screens below. Please advise if you have any ideas.