-
VPN100 and FW 5.39 availability
Do you know when we will have the updated firmware 5.39 for the VPN100 series ? I am facing modifications in safety policy and creation of users by hackers. I have removed the modifications but what can you suggest ? Regards
-
64 object limit for IP group
Hello to everyone, today I discovered that there's this limit of 64 entries for Address group, and it hit me in two ways. 1: the limit is present on ZLD 4.x device like USG40. 2: the limit is also present on a ZLD 5.x device, like USG Flex 50 (or as it was born… USG 20 VPN. 3: the limit is not present on a ZLD 5.x device…
-
Site2Site VPN and IKEv2 VPN - No Route to Remote Site
Hello, I have a problem with my ATP. There are 2 different VPNs: Site2Site (HQ<->EXT): 172.16.0.0/16 (HQ) to 172.17.0.0/16 (External Site) IKEv2 for clients (HQ): Range 192.168.10.10 to 192.168.10.100 The S2S connection to the external site (EXT) works without problems when I use it in the HQ, i.e. without an additional…
-
USG40 - routing traffic between two networks
I have two networks in our office: one for general office traffic (192.168.2.x - P1/lan1), and one for a control system (machine automation, PLCs, etc) (192.168.15.x - P4/DMZ). I need to keep the control network isolated so it doesn't get bogged down by heavy office traffic. However, I want to be able to access specific…
-
VPN BETWEEN ZYXEL ATP200 AND FRITZBOX! 7590
Good morning at all,I'm trying to create an IPSec VPN Tunnel between an ATP200 and Fritzbox 7590 without success.Does anyone did this VPN configurantion and can help me? On the Fritzbox the error is:Errore IKE 0x203D --> "phase 1 sa removed during negotiation" The ATP Debug log is atached as "TESTVPN_LOG.txt" Thank you so…
-
Our organization has a USG 1100 firewall installed. We have forgotten the password, what can we do?
-
no IP address from OpenVPN SSL client
I try to connect with the OpenVPN client to a Zyxel Flex 100H with SSL VPN. if I look in the logs the SSL VPN client IP assigned is 192.168.200.2 If I look in the command window I see an 169 address what means that the VPN client did nog get an IP address. I can't get an RDP session despite I am connected. What goes wrong?…
-
USG Lite 60AX feedback as requested for device testers
Device itself nice and compact, very suitable for Home Office users, especially in organizations which already have their network infrastrucure based on Zyxel devices. Two 2.5GHz ethernet ports makes it also future-proof for increasing speeds on home internet connections. Configuration is as easy as on any Nebula-based…
-
SecuExtender VPN Client IPSec 2.2.0.019 not saving password. Doesn't launch 2FA page.
Hello, I have a lot of Windows SecuExtender Clients out there and they work fine. Just installed on a MacBook running Ventura and it's hobbled?? I enter the credentials under EAP and click Configuration→Save. It doesn't save the credentials. When I try the connection fails on EAP. However, if I check EAP Popup and enter…
-
Old Zywall USG 100 DNS inspection feature
Hello… I have an old Zywall USG 100 working flawlessly for 15 years. Yes I know it's end-of-life with all licenses expired… but it still works :) Can someone help me enable its DNS Inspection feature? For example, I have set it up to catch DNS requests for www.printables.com website. This site's IP is whitelisted in 'test'…
-
Port forwarding on VPN100 doesn't work
hello I'm trying since some days to get a certain port forwarded to ony of my clients and I don't get it to work. maybe some basics first: got a fritzbox as modem AND router first (unfortunately there's no bridge mode) zyxel vpn100 is connected over WAN port to the fritzbox, get's an internal IP-address of fritzbox all…
-
Routing internet traffic (only specific domains) through double sNatted IPSec VPN
Good morning i need to route web traffic towards specific domain through a IKEv2 ipsec vpn between two sites with overlapping subnets. Scenario Site A (natted wan ip, can't change nats) calls site B (natted wan ip, CAN change nats) and establish ipsec vpn "site to site with dynamic peer scenario". Both sites have sNAtted…
-
USG20W-VPN Session Monitor Traffic from Server "Wiz_SSL_VPN" No VPN Defined after RESET
After upgrading to 5.39, and performing Factory RESET on Router, I had to rebuild Client's configuration per Zyxel Support recommendation New configuration (after factory RESET) has no VPN defined, After rebuilding Client's Router manually, I'm seeing a lot of Traffic when I view "Session Monitor" from the Server IP,…
-
Zywall 110 documentation
I appreciate this product is now EOL but what was the last Zywall 110 handbook number? Where can it be downloaded from? The latest one ive been able to find is ZyWALL 110_ZLD4.38_Handbook but that appears to be from 2020?
-
Can I route traffic to the ipsec vpn tunnel site to site from another subnet?
I have a vpn tunnel between 192.168.110.0/24 (office 1) and 192.168.101.0/24 (office 2). There is a need to connect a host from another subnet of office 1 (192.168.100.0/24) to office 2. Can I do this without creating another vpn tunnel? I've tried configuring the route now, but I suspect it doesn't work because of NAT or…
-
Config file
I have a USG20W-VPN and USG20-VPN as a backup. When we had 2 of the 20W I would just save the config file when I made a change to the router, and upload that config if it ever became necessary. Lost my main due to a water leak,and ended up with a 20-VPN not 20W. I doubt it's possible, but would the same thing work with the…
-
Security policy rule blocks all traffic at all times
Hi, I am trying to allow traffic here between 8 AM and 9.30 PM and block it at all other times. What it does instead is blocking traffic at all times. What's wrong here, and how to fix it? Thanks a lot!
-
VPN to Flex100H is driving me crazy
I used to use Zywall 110s (primarily) to connect my homes. 6 Locations. As Zywall 110s are no longer updated - it was time to move on. This summer I replaced a Zywall 110 with a Flex 100H. I did not do any further changes when I found out that the 100H Flex does not support forcing a specific VPN tunnel as next hop.…
-
How to configure dual WAN
Hi Guys, We have a USG60 with dual WAN and I would like to have LAN1 use WAN1 for internet and VLAN1 use WAN2 for internet. Is this possible ? Many Thanks Bran
-
SecuExtender is not supported on MacOS 15 (Sequoia)
I remember that it took a month to resolve the last time I posted about a MacOS update. Here's to hoping the devs have an update ready much sooner this time.