-
Firewall USG Flex 100 unable to add the device to Nebula Cloud
Hi, I recently bought a second-hand fireewal USG Flex 100 (firmware V5.39(ABUH.0)). The device does not have a current license. Is it possible that without a valid license you cannot add a device to Nebula Cloud? It is seen as Offline (attachment). ZTP configuration is impossible, and trying with a USB drive also does not…
-
How can I forward an external WAN IP:PORT to internal LAN IP
Hi, I have a ATP700 and I have one static public IP address X.Y.Z.T and I want to do forward (virtual server or NAT 1:1) based on the FQDN, so that an external DNS will have:wiki.example.com -> X.Y.Z.Twww.example.com -> X.Y.Z.TThen the atp700 should forward to 10.0.0.1 or to 10.0.0.2 depending on the FQDN. Is it possible?
-
What "Packet(UDP) cannot be sent. reason: Network congestion" means actually?
USG40, firmware V4.73(AALA.2)ITS-23WK23-r109633 (latest available, lab version). This act as VPN endpoint for a lot of connections (8 gateways, 2 of these are Client2Server, 11 connections with 1 disabled currently). One of the SiteToSite connections use SQL+CIFS application, is the "most used" site according to this…
-
ATP500 with IPSec VPN and VPN Tracker and search domains....
Hi wizards, i have the following problem. I have setup IPSec VPN for some macOS clients with VPN tracker from equinux, using 2FA via e-mail. Everything is fine so far, execpt that the 2FA mails cannot be acknowlegded because the connection to the Firewall is somwhow blocked. Setup: Because of the lack of getting trusted…
-
USG60 unresponsive GUI and ZySH Daemeon Busy
Hi, I have a problem with my USG60 device. When I log in to the router via GUI it sometimes becomes unresponsivce for a while. I often then got an error message "Wrong CLI command, device timeout or device logout." and I have "ZySH daemon is busy" in error log. After a while GUI becomes responsive for a minute or two and…
-
USG 100 : Search latest firmware version
Hello, What is the latest firmware version of a USG 100, and where can I download an official version? Kind regards from France, Spootzy
-
site-to-site vpn, no communication
Having two USG Flex 100 and an VPN connection using IPSec with a pre-shared password. Latest firmware installed. We need 5 VLAN connected to both sides (branch and central). Subnet1 central: 10.7.1.0/24 Subnet1 branch: 10.8.1.0/24 Subnet2 central: 10.7.2.0/24 Subnet2 branch: 10.8.2.0/24 etc. VPN tell me, it's connected,…
-
VPN SSL DROP AFTER OPEN A RDS SESSION
Hi, my customer use zywall secuextender to connect to a VPN 100 the vpn connection work fine but if he want to connect his RDS session, THE VPN DROP here is the log [ 2024/09/16 17:21:29 ][SecuExtender Agent][DEBUG] Virtual network interface: \.\Global{AF359EC3-B88B-4562-82EF-CD6AC01BF5CF}.tap [ 2024/09/16 17:21:29…
-
VPN don't work
Hi, we have a VPN configured, using L2TP. It's not frequently used, but the last time it was working, 1 month ago, maybe… But now it's showing a error message when trying to connect using windows VPN. Error message: "Unable to connect to Palhoça Headquarters. L2TP connection attempt failed because the security layer…
-
configure sfp port
-
ATP100 as a client
Hello, how do I configure ATP100 to be an l2tp client and not a server? Здравствуйте, как настроить чтоб ATP100 был клиентом l2tp и не сервером?
-
USG40 DMZ
Hello, please help,am newbie,have a USG40 firewall,I would like to run a web server on the DMZ port, how do I have to configure the rules so that the web server can be reached from outside, everything works via Lan1 with port forwarding, I just don't know how it works with DMZ, on the Fritzbox which is the DSL modem they…
-
How to access local LAN from IPSec VPN tunnel via USG FLEX
Hi, i have following issue: I would like to access local LAN PCs after being successfully connected via IPSec VPN Tunnel, but can reach only the USG under the local IP adress like (192.168.171.1), but no other LAN PCs like (192.168.171.20) My network route looks as follows: Client PC (Windows) is connected over Zyxel IPSec…
-
VPN100 - smtp authentification password charset
Hi folks, I'm trying to setup an automatic email of our logs, but I'm facing a trouble : smtp authentification password are not considered valid if they contains a space character. As I'm using gmail to send emails, and password apps are generated by google and are always including spaces I'm in a dead end. Could you…
-
Flex 200H - Sending logs via email
Hello everyone, in the past I used to send logs via email, like you could do with USG60W. It was possible for the firewall: and for the APs managed on premise: So it was possible to config an email sent for what you wanted to see with the right panel: Is it possible to do the same also with 200H in the future? Right now…
-
use a specific wan port for a local ip address
i have usg60 device which have wan1 connected to a 5g router(with ip 192.168.1.85 and wan2 connected to a fiber router (with ip 192.168.0.85). the network is connected to lan1 with ip 192.168.2.85. in the configuration we have load balance and failover and a VPN L2TP-ipsec. the question is: how i can force a specific local…
-
IPSec ESP packets dropped by default security policy rule after reboot
This seems like pretty odd behavior. A site-to-site VPN, IKeV2, pre-shared key, local and remote policies are /24 networks, defined in the IPSec_VPN zone. On boot, the tunnel automatically connects but won't pass traffic. If I disable the security policy it will start passing traffic. If I re-enable the security policy it…
-
Cannot find SSL VPN client for MacOS anymore in Downloadcenter
a few month ago i could download SecuExtender VPN Client_SSL_VPN_Client_1.2.6 for MacOS but know i can not find it anymore. What happend? Is not possible anymore to download the client for the perpetual licenses? We bought 8 or 10 licences this year for this SSL-VPN Client moe
-
USG Flex 200H - Impossible to send config via email
Hello everyone, I upgraded to 1.21 firmware and as you can see it's impossible to send a backup config via email: While the connection test is passed: Is there a place where to set an autosend config when something is changed like it happens with "old" USG Flex and ATPs? Thanks
-
Geo IP filter works too much
I'd like to block traffic from China and I set Geo IP filter. Traffic from China is blocked. But part of traffic from Japan is also blocked. I must receive traffic from Japan. What can I do?
