-
809 Error/Tunnel Swapping with IKEv2
Hi there, we are currently running Client2Site Tunnels over IKEv2 using the integrated Windows 10 VPN Client which works fine for the most Part. But whenever I change something on the IKEv2 Tunnel (for example IP Range) I get 809 Errors from the Windows Clients (iOS works fine) and have to reboot the firewall to make it…
-
FLEX H Firmware Boot Issues
There is a security flaw in the current firmware of my device (and most probably other devices of this series). When the device is rebooted, the configuration on the interfaces is applied and for round about one minute, the configured Firewall rules are not applied. I realized that when rebooting my device with service…
-
USG FLEX 500 speed
we recently change our firewall with an USG flex 500 But we encounter a speed problem we have several internet lines all are for 500mb/sec but the speed sees the line has a very low upload speed. This is not a performance of the line if we test with a different router the speed is correct someon eknow how to solve it ?
-
ios vpn
-
Why TF does every firmware update screw up?!
Seriously, defaulted another device!? Pull you heads out. These devices arent next door, arent "default" installs. Yet every other firmware update defaults or locks a device!
-
USG LITE 60AX SIP ALG settings
Hi all, We recently installed a USG Lite 60AX on a clients premises. Im not entirely sure the 60ax is the problem but they have started experiencing unusual VOIP issues. Just wondering if ther is SIP ALG (or something along those lines) on these devices and if so how do I turn it off please. Kind regards, Luke Archbold.
-
Remote vpn ipsec, access Lan behind site to site Firewall
I have a remote IKEv2 ipsec dynamic access to firewall 1 and want to access lan behind firewall 2 that is setup for site to site between Firewall 1 Firewall 2. How should i set up routing and security policy to get it to work? Firewall 1, USG Flex 100 Lan1 ip 192.168.101.1 Firewall 2, USG Flex 200 Lan1 ip 192.168.100.1 Tony
-
IKEv2 Connection Not Working to RRAS
Hello, I'm trying to set up an RRAS (Routing and Remote Access Services) VPN on Windows Server. This is a built-in Microsoft role that can be installed. Being new to this, I'm not sure if I have everything set up correctly. It seems like it is, but I cannot get the VPN connection to actually work. First the RRAS server was…
-
Zyxel Flex 200 - Android/Apple remote vpn
Since the L2TP tunnels are no longer supported by android, what is a working remote vpn tunnel that does work. We have lots of l2tp tunnels in use to our FLEX 200, but newer Android devices don't work/support L2TP tunnels. Hoping to see a native solution, otherwise we probably need to implement NetBird or equivalent or…
-
SSL inspection for clients connecting from the Internet to the server behind the USG FLEX 500
Hello, has anyone managed to set up a working SSL inspection for clients connecting from the Internet to the server behind the USG FLEX 500? I have an IIS server in the local network accessible from the Internet and I'm trying to set up SSL inspection for it. I uploaded the same SSL certificate to the USG as on the server…
-
IKEv2 with PSK not working on Android
Hi everyone, I'm trying to set up IKEv2 with PSK on a USG Flex 100 by following that article (https://support.zyxel.eu/hc/en-us/articles/8805317185298-IKEv2-VPN-with-Pre-Shared-key-on-Mobile-Devices-Instead-of-L2TP#h_01HB6CZ468E23YEB63SRPPFRS8) but it's not working. Here is the log What could be wrong ? I don't see any…
-
cannot see the application dropped in my application
Hi! I'm using App Patrol to block some application traffic in my USGFLEX 100 I made the drop traffic for WPS office before, but now I can see 360 antivirus only. I search WPS in the application, it say the WPS office 's action is drop. Our firewall still can block WPS office traffic. Anyone face this similar problem?…
-
How to implement IPSec Client VPN with Windows Native Client and MFA?
Hi I would like to implement MFA on an already working IPSec client VPN access on USG FLEX 200. Configuration of MFA is well documented. As I understand the workflow is that in the first step the VPN connection is established using username/password. In the second step the MFA code must be entered via the web based…
-
A anomaly routeing rule in config for EOL VPN300
So might not be a problem I'm not sure its causing a issue and likely when I reboot this rule is not understood by the VPN300 and skips it but through I show anyway. This is what I see in config file when I save from VPN300 for the end of routing rules ! policy 129 interface vlan777 source IP192168130 dscp any next-hop…
-
Tailscale Site to Site Help Needed
I have set up the Tailscale VPN on my Flex 100H. It accepts routes and advertises routes. At the other end I have to go through a telco provided router (which has no bridge or passthrough settings). Behind that I have Raspberry Pi set up as a sub-net router which can be seen on the tailnet. At the flex 100h end the ip…
-
Firewall Configuration Converter fails with ZyWALL 110 (V4.73(AAAA.2))
Hi Tested with two or three 110s and with all of them the converters refuses to Load the source conf. My plan is first convert to VPN100 and then from VPN100 to USG Flex 200H. This tool: Firewall Configuration Converter | Zyxel Networks The error message: "The file is mismatched with tool, please upload a ZyWALL110 (4.32…
-
Zyxel USG FLEX 100 Loopback Interface For IPsec remote access VPN
Hello everyone , I have a Zyxel USG FLEX 100 pinging 2 ISP routers using a BGP session with a private interco. The Internet is already working with a NAT object. I already have an IPsec remote access configuration, but it's not working because I don't have a public IP directly on the interface. I'm not able to create a…
-
ZLD5.37 Patch2 and is it compatible with zyxel vpn 100?
ZLD5.37 Patch2 and is it compatible with zyxel vpn 100? If I request the update directly from the device without uploading, will I find the version? Let me know. Thanks.
-
SecuReporter blank network activity detailed area
Hello everyone, I went on SecuReport page to look into this amount of traffic: And I saw the page blank: It is the same also for Web Content filter: Or the DNS: But the ORG seems to be active: How I can fix that?
-
ATP 200 LTP VPN connection WIN11
Hello, with Win10 it works as expected. With Win 11 I wounder why the connection ask for Email instead of user. Even giving the user an email adrdess, no connection was established because of wrong password or username. Any Idea?
