Best Of
Re: mac-filtering on switch
There is now a new menu option in Switches > Authentication
Not sure how this is supposed to work.
I can choose "Nebula cloud authentication" from the drop down menu and fill in the Authentication policy settings. The "Authentication ports" column "0" is clickable, which links to the Switch Ports page with a "(policy=Test)" search filter applied. No ports with this policy are found, so I guess I have to enable the policy on each port, but cannot see a way to do so.
The model list page lists only the XGS1930 range...
...as does the device function table.
I am using the GS1920 range of switches. Will the cloud MAC authentication feature be extended to the GS1920 range or am I missing something?
SkyGoat
Re: mac-filtering on switch
It's almost there. I can go to Switch > Clients > Select a Client > Policy > Block List and the device is blocked from communicating. Just need the opposite of this so that all devices are blocked by default and have to be Allowed.
SkyGoat
Re: mac-filtering on switch
agh.. so we can not use nebula equipment at remote location where we want this security i guess..
Re: NSA320S Metarepository stopped working - try to upgrade from SMP1
At the moment http://zyxel.diskstation.eu/Users/Mijzelf/zypkg-repo/ works.
Mijzelf
Re: Hight channel Utilization
Hi,
We have the same settings as you apart from only three channel deployment. Changing to four channel or all channels available does indeed reduce channel utilization slightly but we then end up with incredibly unstable wifi that's close to unusable. Is there anything else you can recommend please?
Jamiewyc
Re: Broken Nas326
When a factory reset solves the problem, the problem was that the config was corrupted. The config is stored on an internal flash partition, containing several config files in different formats, and a factory reset basically puts a new filesystem on that partition.
I don't know how the config was corrupted. A power outage could do it, but I'd expect it to only be a problem when you was writing storing a config while the power went out. But I can be wrong. Theoretically it could be caused by worn-out flash. But if you search the forum you'll find more than once that the samba password got corrupted, while the shell password was still working. And a factory reset always solved that.
[quote]Shall I then put back the other raid 1 disk and will it build up the raid1 again? Nothing has change on the disks.[/quote]
When you have booted the box with only a single disk, the array will have to resync. Because 'nothing has changed on the disks' is unfortunately not true. The firmware has written some stuff. Resyncing is a more or less dangerous operation, as the whole disk will be read, and if there happens to be an unreadable sector, the disk will be dropped from the array, leaving you with a 0 disk raid1 system. That can be solved, but if you have the choice, make a backup before you resync the array.
[quote]Shall I continue with this rather old nas or shall I buy a new?[/quote]
Depends. You are aware that any Linux system can read your disks, even if the NAS dies? (As long as the disks don't die together, of course). Your NAS is still running, and a new one might not survive the 3 months burn-in.
When you want a new NAS, I'd stay away from ZyXEL. They seem to have abandoned the NAS world. The current lineup is old, and hardly maintained.
Mijzelf
WPA3-Enterprise Login Fails: "Certificate chain invalid"
My private home network uses wpa3 enterprise with nebula cloud authentication. My linux laptop can authenticate only when I choose not to require a CA certificate. My android phone running grapheneOS doesn't have this option because the OS is security-focused and this is a well-known security flaw which allows for man-in-the-middle attacks. Previously I could authenticate on my phone by choosing 'trust on first use' in the CA certificate field, however I had to do that every single time I wanted to connect to the network. For the past week or so I cannot even do that as I get the error in the title.
I would like to know a) where I can access Zyxel's CA certificate to install on my device, and/or b) when we can expect Zyxel to address this for cloud authentication.
Re: WPA3-Enterprise Login Fails: "Certificate chain invalid"
Hi @cglavan83 ,
At the present, there is no feature as downloading the certificate from Nebula for Android device which need to join the network uses WPA enterprise with Nebula cloud authentication. We assume this feature is also useful for other users, so, we would like to propose it as an idea for evaluation. You can find the link to the idea section below:
Thank you for using Zyxel products and service.
Re: NAS326 migrate RAID0 array to RAID1 on different disks
Good. For future experiments, 'cp -a', when run as root, copies all permissions and owners.
Mijzelf