-
"No proposal chosen" VPN IPSEC L2TP Connection between Zyxel USG50 flex and MacOS Sonoma
Hi, due to the SSL_VPN Client 1.2.6 for MacOS ist EOL we try to switch from SSL_VPN to L2TP IPSEC VPN. I configured everything like in the description even the encryption to AES256/SHA256 which seems to be nessesary for Sonoma. But i only got this when i try to connect: my config for the Gateway is: whats wrong? best, moe
-
how to use two different providers
Hi, I have an USGFLEX50 to which I would like connected two different internet providers: FASTWEB connected to the WAN port and VODAFONE connected to the WAN2 port. I would like to create two internal networks with different address classes: LAN (192.168.0.0/24) and VLAN (192.168.10.0/24) I would like LAN uses WAN…
-
Site to site
Good morning, I have a working configuration with Usg210 site to site with Gateway Edge server farm firewall. We just purchased a 500 flex. The site to site configuration procedure is working, but I can't get to the machines behind the edge firewall, which I did before with the 210 easily. I checked the configurations, I…
-
USG Flex 200H - Renaming interfaces
Hello everyone, I went to configure parameters and names about standard interfaces on this 200H but I was unable to do that: It seems strange to me because I could do that on an old USG60 that I use for configs' tests: Is this something expected? See you soon 😁
-
Session Control and YouTube Restricted Mode
Hello, After the firmware update V5.38(ABTJ.0) for ATP700 the session control limit was set to 8192, I have no idea where this number came from, besides users couldn't browse anything, even though the Internet was working, till I deactivated the session Limit. Should I enable and set the limit to 0 (unlimited) or should I…
-
USG Flex 200H - Real IP for logged in users
Hello everyone, I updated to 1.21 firmware and I cannot identify real IP from which the users are logged in: As you can see there are 2 users logged in but I cannot see from which IP. Is there a way to discover that? Thanks a lot
-
USG Flex 700 - ARP packet capture
We received a query from our ISP that it is receiving a huge number of ARP requests from our USG. To check this, we've activated the packet capture on WAN1 port, but received only a few ARP requests originated from different ISP IP addresses. My question is, does the USG captured also its own outgoing packets or only…
-
USG FLEX 700 - 2FA-access.cgi Customize ?
Hi, is it possible to customize the webiste for the 2FA-access.cgi file ? We would like to add an "autofocus" to the "key" input field.
-
atp800 device-ha - exceed timeout
HI in three couple of ATP800 (2 with 5.38, 1 with 5.39, ilocated in different locations, each other independent), every night, between 2am and 3am, in the logs of device-HA I see the following messages: Wed Sep 4 02:54:16 2024 Exceed timeout. Device may be still in healthy state but under heavy workloads. Wait for internal…
-
Completely unable to connect to USG60 Firewall
I'm trying to connect to a used USG60 Firewall I bought about a month ago. It shows up on my network, but I'm completely unable to connect to the network interface. I've tried factory resetting it about 4 times now with no changes. Any help would be awesome. Thanks!
-
No FQDN address objects on USG FLEX 200H?
I was astonished to discover that the new FLEX 200H firmware 1.10 does not allow FQDN address objects. When will this important feature be implemented? Is there a timeline? Without FQDN, the new devices are practically useless for us.
-
Firewall USG Flex 100 unable to add the device to Nebula Cloud
Hi, I recently bought a second-hand fireewal USG Flex 100 (firmware V5.39(ABUH.0)). The device does not have a current license. Is it possible that without a valid license you cannot add a device to Nebula Cloud? It is seen as Offline (attachment). ZTP configuration is impossible, and trying with a USB drive also does not…
-
How can I forward an external WAN IP:PORT to internal LAN IP
Hi, I have a ATP700 and I have one static public IP address X.Y.Z.T and I want to do forward (virtual server or NAT 1:1) based on the FQDN, so that an external DNS will have:wiki.example.com -> X.Y.Z.Twww.example.com -> X.Y.Z.TThen the atp700 should forward to 10.0.0.1 or to 10.0.0.2 depending on the FQDN. Is it possible?
-
What "Packet(UDP) cannot be sent. reason: Network congestion" means actually?
USG40, firmware V4.73(AALA.2)ITS-23WK23-r109633 (latest available, lab version). This act as VPN endpoint for a lot of connections (8 gateways, 2 of these are Client2Server, 11 connections with 1 disabled currently). One of the SiteToSite connections use SQL+CIFS application, is the "most used" site according to this…
-
ATP500 with IPSec VPN and VPN Tracker and search domains....
Hi wizards, i have the following problem. I have setup IPSec VPN for some macOS clients with VPN tracker from equinux, using 2FA via e-mail. Everything is fine so far, execpt that the 2FA mails cannot be acknowlegded because the connection to the Firewall is somwhow blocked. Setup: Because of the lack of getting trusted…
-
USG60 unresponsive GUI and ZySH Daemeon Busy
Hi, I have a problem with my USG60 device. When I log in to the router via GUI it sometimes becomes unresponsivce for a while. I often then got an error message "Wrong CLI command, device timeout or device logout." and I have "ZySH daemon is busy" in error log. After a while GUI becomes responsive for a minute or two and…
-
USG 100 : Search latest firmware version
Hello, What is the latest firmware version of a USG 100, and where can I download an official version? Kind regards from France, Spootzy
-
site-to-site vpn, no communication
Having two USG Flex 100 and an VPN connection using IPSec with a pre-shared password. Latest firmware installed. We need 5 VLAN connected to both sides (branch and central). Subnet1 central: 10.7.1.0/24 Subnet1 branch: 10.8.1.0/24 Subnet2 central: 10.7.2.0/24 Subnet2 branch: 10.8.2.0/24 etc. VPN tell me, it's connected,…
-
VPN SSL DROP AFTER OPEN A RDS SESSION
Hi, my customer use zywall secuextender to connect to a VPN 100 the vpn connection work fine but if he want to connect his RDS session, THE VPN DROP here is the log [ 2024/09/16 17:21:29 ][SecuExtender Agent][DEBUG] Virtual network interface: \.\Global{AF359EC3-B88B-4562-82EF-CD6AC01BF5CF}.tap [ 2024/09/16 17:21:29…
-
VPN don't work
Hi, we have a VPN configured, using L2TP. It's not frequently used, but the last time it was working, 1 month ago, maybe… But now it's showing a error message when trying to connect using windows VPN. Error message: "Unable to connect to Palhoça Headquarters. L2TP connection attempt failed because the security layer…