-
How to set up Android 14 for L2TP via IPSec for ATP100
Hi, We use VPN on ATP100 using L2TP (IPSec). Everything still works on Android 12 and older. L2TP (IPSec) is no longer an option on Android 13 and 14. On Android 13 and 14, there is only IKEv2/lPSec MSCHAPv2, IKEv2/lPSec PSK and IKEv2/lPSec RSA. Which option for Android 13/14 should we select from the image?
-
Sending notifications via SMTP SSL @ port 465
Hello everyone, since a lot of time I have to send notifications using mailservers via port 25, not all of them have TLS support, a lot of mailservers have SSL support. You can see it in a USG60W: You can see the same on a Flex200H: Is there a plan to introduce SSL SMTP usage? Thanks a lot
-
Any VPN related issue in 5.39(ABWC.1)?
I am running an USGFLEX100W and after upgrading to 5.39(ABWC.1), my dynamic IKEv2 IPSec VPN is not working anymore. I thought it might be some configuration change, so I went back 2 months (I have weekly backups), but it still don't work. It don't work on any of the mobiles it used to, and the laptop I used to connect is…
-
increase IPS range
I need to increase my IPS range from 254 ips to 512, how can I do this configuration on the Firewall Flex 200? Would it just be changing the Subnet Mask to 255.255.254.0 and the Pool Size to 512?
-
Starlink and Ipsec
Hello, Actually we've got an Ipsec tunnel using 2 USG Flex behind fiber on each side. We would like to use a starlink (actually bypass mode) in case of fail of fiber on one side. How to handle starlink CGNAT ? Thank's for your help. L.
-
IKE service
Hi, Our analysis shows that the IKE service ( gateway) is clearly visible and can be used by attackers for reconnaissance and targeting. How can we make the IKE service not clearly visible ("hide") in ATP 200? I am waiting your answer
-
Network/NAT
I have a working IPSEC VPN between site1 and site2, so that lan1 and lan2 can communicate. I would like to map a public IP of site1 to a host of lan2. Setting up a virtual server from publicIPsite1 to site2hostIP and adding a route to site2hostIP via the VPN tunnel doesn't work. I suppose because the VPN tunnel allow…
-
How can I turn off the SSH login service in USG40?
-
Stampante di rete
ciao a tutti, ho un problema con la stampante di rete, espongo la configurazione: lan1 192.168.3.x /24 rete ufficio lan2 192.168.1.x /24 rete casa la stampante di rete è su lan1 ha ip 192.168.3.248 e dalla lan2 pc 192168.1.47 riesco a fare il ping entro in http://192.168.3.248 non compare tra le stampanti e se la collego…
-
arp spoofing
Bonjour, peut on désactiver les alertes arp spoofing ? merci
-
IPV6 VPN
Hello world, does anyone did a IPV6 IPSEC VPN ? I'm looking for an example or a guide. Many thank's ! L.
-
ROUTING
Good morning, I have an ATP200 with a vlan/dmz to which I connected a NAS that must be reached on the external IPs of the two WANs for the services on ports 80 443 and 10001, I created the NAT rules and the security policies I needed, from outside it works correctly! If I try to reach the device on one of the public…
-
Ransomware Helldown
Hello, Please comment on this article: https://www.truesec.com/hub/blog/helldown-ransomware-group We have Zywall firewalls deployed at all of our customers and two have already been attacked by Helldown ransomware.
-
USG20W-VPN FSCK message
When rebooting our USG20W-VPN router via the console port, I noticed this message: /dev/mmcblk0p7: UNEXPECTED INCONSISTENCY; RUN fsck MANUALLY. (i.e., without -a or -p options) I already used the reset button on the router and then reapplied a saved config file. The above error was still reported. How can I get rid of the…
-
SSL VPN working on FLEX 100H?
Does anyone have the SSL VPN working on a FLEX 100H? I have 2 FLEX 100H routers and to one connection is made, but no IP address is given, The other on only gives Connection Timeouts. I don't see any blockage in the Firewall. Zyxel tested it and say's it works, but not here, nor at a customer, OpenVPN on several laptops,…
-
Next Hop: VPN Tunnel Flex 100H
I am looking to upgrade my home VPNs from Zywall USG 110s to Flex XXXH(P) - I had upgraded one of them this summer - and realized that I could not define a VPN tunnel as a next hop. Zyxel Customer Service then replied to a message that would be a feature supported in the October firmware - it does not seem to exist in the…
-
VPN100 and FW 5.39 availability
Do you know when we will have the updated firmware 5.39 for the VPN100 series ? I am facing modifications in safety policy and creation of users by hackers. I have removed the modifications but what can you suggest ? Regards
-
Zyxel USG FLEX and ATP series – Upgrading your device and ALL credentials to avoid hackers' attack
Zyxel team has been tracking the recent activity of threat actors targeting Zyxel security appliances that were previously subject to vulnerabilities and admin passwords have not been changed since then. Users are advised to update ALL administrators accounts for optimal protection. Based on our investigation, the threat…
-
64 object limit for IP group
Hello to everyone, today I discovered that there's this limit of 64 entries for Address group, and it hit me in two ways. 1: the limit is present on ZLD 4.x device like USG40. 2: the limit is also present on a ZLD 5.x device, like USG Flex 50 (or as it was born… USG 20 VPN. 3: the limit is not present on a ZLD 5.x device…
-
Site2Site VPN and IKEv2 VPN - No Route to Remote Site
Hello, I have a problem with my ATP. There are 2 different VPNs: Site2Site (HQ<->EXT): 172.16.0.0/16 (HQ) to 172.17.0.0/16 (External Site) IKEv2 for clients (HQ): Range 192.168.10.10 to 192.168.10.100 The S2S connection to the external site (EXT) works without problems when I use it in the HQ, i.e. without an additional…
