-
ATP500 random reboot
Good morning I have an ATP 500 with the latest firmware installed V5.39(ABFU.0) that performs random reboot every 3-4 days about. Fortunately it happens at night or on Sunday, however it happened once during working hours, obviously crashing the entire company network (vlan, connectivity, etc.) I tried to understand what…
-
Expose the services via DNS to clients connected via VPN
We have a USG FLEX 100W model firewall and have recently set up VPN, now we would like to set the DNS service of the firewall to expose business services only to the internal LAN and clients connected via VPN. The services are exposed from the corporate servers and we currently use an external dns service. We have tried…
-
DOES USG LITE 60AX router also support IGMP
Does the router USG LITE 60AX also support IGMP (also snooping and relay)? Furthermore, does it also support a virtual lan (VLAN ID = 4) for IPTV?
-
Whitelisted IPs
Good morning I wanted to ask how to authorize an ip to my website protected by ATP200. My security Plicy is configured to allow only Italian addresses. I need to authorize some IPs from other countries, I added them in the allow List of the Reputation Filter/IP Reputation of the Security Service section Is it correct or do…
-
Atp 800 de object adress geo/ip den izin verilen bir cihaz www.passo.com.tr sitesine girilmiyor???
Acil desteğinizi talep ediyorum.
-
USG700 Bridged WAN interface how to setup trunk
Hello, We have a USG700 with bridged WAN interface (BR1) on ports GE1 and GE2. There is a dual fiber uplink from our ISP we bridged the interface. This how it looks Then we setup a WAN TRUNK but i`m not really sure if its needed and if needed how to properply set this up. We have setup the trunk with only one member (BR1)…
-
"No proposal chosen" VPN IPSEC L2TP Connection between Zyxel USG50 flex and MacOS Sonoma
Hi, due to the SSL_VPN Client 1.2.6 for MacOS ist EOL we try to switch from SSL_VPN to L2TP IPSEC VPN. I configured everything like in the description even the encryption to AES256/SHA256 which seems to be nessesary for Sonoma. But i only got this when i try to connect: my config for the Gateway is: whats wrong? best, moe
-
how to use two different providers
Hi, I have an USGFLEX50 to which I would like connected two different internet providers: FASTWEB connected to the WAN port and VODAFONE connected to the WAN2 port. I would like to create two internal networks with different address classes: LAN (192.168.0.0/24) and VLAN (192.168.10.0/24) I would like LAN uses WAN…
-
Site to site
Good morning, I have a working configuration with Usg210 site to site with Gateway Edge server farm firewall. We just purchased a 500 flex. The site to site configuration procedure is working, but I can't get to the machines behind the edge firewall, which I did before with the 210 easily. I checked the configurations, I…
-
USG Flex 200H - Renaming interfaces
Hello everyone, I went to configure parameters and names about standard interfaces on this 200H but I was unable to do that: It seems strange to me because I could do that on an old USG60 that I use for configs' tests: Is this something expected? See you soon 😁
-
Session Control and YouTube Restricted Mode
Hello, After the firmware update V5.38(ABTJ.0) for ATP700 the session control limit was set to 8192, I have no idea where this number came from, besides users couldn't browse anything, even though the Internet was working, till I deactivated the session Limit. Should I enable and set the limit to 0 (unlimited) or should I…
-
USG Flex 200H - Real IP for logged in users
Hello everyone, I updated to 1.21 firmware and I cannot identify real IP from which the users are logged in: As you can see there are 2 users logged in but I cannot see from which IP. Is there a way to discover that? Thanks a lot
-
USG Flex 700 - ARP packet capture
We received a query from our ISP that it is receiving a huge number of ARP requests from our USG. To check this, we've activated the packet capture on WAN1 port, but received only a few ARP requests originated from different ISP IP addresses. My question is, does the USG captured also its own outgoing packets or only…
-
USG FLEX 700 - 2FA-access.cgi Customize ?
Hi, is it possible to customize the webiste for the 2FA-access.cgi file ? We would like to add an "autofocus" to the "key" input field.
-
atp800 device-ha - exceed timeout
HI in three couple of ATP800 (2 with 5.38, 1 with 5.39, ilocated in different locations, each other independent), every night, between 2am and 3am, in the logs of device-HA I see the following messages: Wed Sep 4 02:54:16 2024 Exceed timeout. Device may be still in healthy state but under heavy workloads. Wait for internal…
-
Completely unable to connect to USG60 Firewall
I'm trying to connect to a used USG60 Firewall I bought about a month ago. It shows up on my network, but I'm completely unable to connect to the network interface. I've tried factory resetting it about 4 times now with no changes. Any help would be awesome. Thanks!
-
No FQDN address objects on USG FLEX 200H?
I was astonished to discover that the new FLEX 200H firmware 1.10 does not allow FQDN address objects. When will this important feature be implemented? Is there a timeline? Without FQDN, the new devices are practically useless for us.
-
Firewall USG Flex 100 unable to add the device to Nebula Cloud
Hi, I recently bought a second-hand fireewal USG Flex 100 (firmware V5.39(ABUH.0)). The device does not have a current license. Is it possible that without a valid license you cannot add a device to Nebula Cloud? It is seen as Offline (attachment). ZTP configuration is impossible, and trying with a USB drive also does not…
-
How can I forward an external WAN IP:PORT to internal LAN IP
Hi, I have a ATP700 and I have one static public IP address X.Y.Z.T and I want to do forward (virtual server or NAT 1:1) based on the FQDN, so that an external DNS will have:wiki.example.com -> X.Y.Z.Twww.example.com -> X.Y.Z.TThen the atp700 should forward to 10.0.0.1 or to 10.0.0.2 depending on the FQDN. Is it possible?
-
What "Packet(UDP) cannot be sent. reason: Network congestion" means actually?
USG40, firmware V4.73(AALA.2)ITS-23WK23-r109633 (latest available, lab version). This act as VPN endpoint for a lot of connections (8 gateways, 2 of these are Client2Server, 11 connections with 1 disabled currently). One of the SiteToSite connections use SQL+CIFS application, is the "most used" site according to this…
