I am running ZS in the datacenter, only public IPs are assigned to the machine.. I’m unable to login to the web UI probably using the public IP because it only accepts requests from the private address pools originally configured in ZS.
Is there a way around that? is it possible to add a specific public address to the list of WUI allowed IPs using CLI? In the firewall menu in CLI I see Chain SYS_GUI & SYS_HTTPS, can these be edited?
Of course yes, but the previous settings will be restored at the first reboot, you can use the cli to allow a temporary https access to the system, and then change the access rules in Setup>>Web
After having saved, only the new rules will be present, and the rules added before via cli will be cleared.
Obviously you could also add your custom rules in post boot, different approach, but imho useless in this case, since you can play enough via ui.