-
USG110: P12 Certificate "errno:-17011"
Hi, I try to import a new P12 certificates, which works for years. Now the "import" under "certificates" gets error 'error -17011'. "errmsg: PKI certificate type is not supported". I can validate my p12 file with openssl, so the file is fine.
-
USG Flex 200 DNS cache poisoning?
Hello, Our USG Flex 200 is working just fine for clients. The device itself will not connect to the internet however. I cannot search for updates and timesync does not work for example. Using SSH to check on the machine locally the following happens: Router> ping gmail.com PING gmail.com (192.168.50.41) 56(84) bytes of…
-
Restrict access to specific vlan - windows inbuilt client
Hi! I've successfully managed to setup an ipsec/ikev2 vpn using windows 10 native client following this guide: https://support.zyxel.eu/hc/it/articles/4439075779090-VPN-Configurare-IKEv2-IPSec-con-certificato-su-Android-iPhone-iOS-Windows-MacOS Now I'd like to restrict the landing subnets for vpn clients. I've tried to…
-
WAX620D controlled by USG40 - possible?
Hello I am having a hard time registering a WAX620D on a USG40 as controller. The USG40 sees the WX620D and I can add it to the controlled group. However, the icon stays gray and I cannot manage the accesspoint. Any ideas? Thanks —Thomas
-
Unable to reach port
Hello i have fowarded 3 ports on 3 internal ip (PC) , i have already created also the policy from wan to lan1 to manual ip. For 2 are ok but one give me a error It was a similar streaming from outside to inside, if i see the log i see this Time Category Message Src. IP Src. Port Dst. IP Dst. Port Note Action 2024-06-11…
-
Custom GEO Region for USG FLEX 500
We have a new FLEX 500 gateway/firewall. I want to customize a Geo Region to allow access into our network only from Eruope and the US, as all of our techs are there. I know how to select one of the specified regions—that works. If I configure the traffic to allow only Europe, it works. But, I want to allow both Europe and…
-
Flex 100 Policy Control Question
Admittedly, I've been sick for several days, and brain fog is affecting me. In addition, it's been too long since I've been in a Zyxel. Here's my scenario: client with a Flex100 has a device on DMZ. That device now needs to have some ingress data allowed. Have the address and service objects and groups created. But think…
-
USG Flex series: offline preparation is impossible?
So… Having firmware file downloaded, having the future running configuration ready, having users prepared… Is possible to start a USG Flex device without any internet connection?
-
USG Flex 100 error phonebar Java
Hello everyone. I have a problem with my zyxel USG flex 100. It happens that while using a phonebar Java connected to a VPBX often error: Unable to communicate with server. I don’t understand what it depends, if I remove from the network the firewall is using a normal router the problem disappears.
-
ZyWALL ATP200 how to start with Vlan?
Here is my Network in a very simplified way: The ATP (will) have 2 Wan Connection one slow DSL and one fast but unreliable Cable. There are multiple Switch in the System 2 Zyxel and a Handfull Managed and Unmanaged one. I use an Netget for example for PoE to power the AP and some IP Phones. I intend to have atlest 4 Vlans…
-
LTE3301-PLUS - USG40
Hello, I have an LTE3301-plus (4G) connecting to the WAN port of a USG40. I want to establish an SSL VPN connection to the USG40. I tried in normal mode NAT of port 443 on the LTE3301-PLUS and in passtrough ip (Bridge) mode, I have nothing displayed on the USG40 log. I specify that the SSL VPN works when I attack the USG…
-
win 10/Android 7.0 phone connecting to the PPTP VPN over 4G disconnects when idle for some minutes.
VPN2S 1.20(ABLN.2) So I setup a PPTP VPN server on the VPN2S I connect to it by my phone that got Android 7.0 when doing nothing and idle for some time past the VPN connection disconnects and does not stay connected. also happens with win 10 over 4G too
-
Multiple DHCP Server Offers from Multiple VLAN's
I have a new setup with basic firewall rules and multiple VLAN's. Setup is as follows: Modem → USG Flex 200(V5.38(ABFW.0)) → XS1930-12HP(V4.80(ABQF.3)) → NWA130BE(V6.75(ACIL.0)) or WBE660S(V6.70(ACGG.3)) The issue is a device will request a DHCP, and two different DHCP Servers from two different VLAN's are answering. More…
-
Allow pc to connect from outside firewall
Hello in the same lan of firewall (on wan port) i have a pc that should be connet to server on the lan1 behind the firewall. I shold make a fowarding or what? Thanks to all
-
USG FLEX 200 - SSL VPN and 2FA Authenticator App
Can anyone answer the question whether the new USG FLEX 200 supports 2-Factor authentication when connecting SSL VPN using, for example, the authenticator application like Google Authenticator or Microsoft Aythenticator?
-
Zyxel USG Flex 500 Ports
Im trying to utilize the SFP port on our Firewall. would it be possible to assign SFP port in same lan group as other ethernet ports? So I basically need 1 Wan port and 7 Lan ports. I'm kinda short 1 port so I was wondering if that was possible. Thank you.
-
What's New: uOS1.20 Patch2 Firmware Update for USG FLEX H Series
This discussion has been moved.
-
How to block "hacker" ip if exist NAT rule
Hello. 1 Device - USG FLEX 200 2 We have NAT rule - 1234 external port to local x.x.x.x ip, 4321 local port service "RDP" 3 "Hacker" is brute this port from y.y.y.y. Q: USG is block y.y.y.y after 3 attempts, and unblock later, block again and unblock later :) How create permanent rule for blocking y.y.y.y or y.y.y.y.y/24
-
Lien Wan Down de manière intermitente
USG20-VPN FW 5.38 Je rencontre de manière aléatoire la perte de connexion sur le lien WAN. Tout est OK en local, mais pas d'internet. Je redémarre la LiveBox 6 et la passerelle USG et internet revient. LiveBox 6 changée il y a un mois. Echange de la passerelle. Cela a tenu 1 mois depuis quelques jours le problème revient…
-
Windows updates - content filter (Firewall)
Hello there, I have a problem with windows updates because of firewall categories - it used to work with Bussines and Software/hardware option enabled, right now its not enough. I tried to enabled all categories for test purposes and updates worked after that. I would like to skip testing by enabling categories one by one,…
