-
USG20W-VPN FW:V5.38(ABAR.0)
Hi, I have a problem with the firewall in question, I renewed and activated the content filter subscription, but it doesn't work. Client browser 192.168.1.2 does not block yahoo.com and filters. Thank you
-
Port role for LAN2 causes network loop
USG FLEX 200 V5.38(ABUI.0) I may have to do a part draw out part of the network if needed but when I have LAN2 for Port role on FLEX 200 to the WAN2 of my Zywall110 it causes a lockup of zywall110 but if I unplug LAN1 on either FLEX 200 or Zywall110 the problem does not happen. BUT if I use reserved for Port role on FLEX…
-
SCR 50 AXE trial license expired
hi My trial license expire on my SCR 50 AXE, will the device still block threats?
-
Dual WAN IIS Setup
We have a customer with a ZyWall 110 that has 2 ISPs, coax for primary with a block of 5 IPs and cellular for backup with a single static IP. They host a server on site that uses one of the secondary IPs in the coax range for communication (hosts IIS, mail, etc.). We also need to set this up so that at least the web ports…
-
SCR50AXE and Stop mail fraud & phishing
When "Stop mail fraud & phishing protection" is enabled, it interferes with the operation of the Speedtest application. The app has trouble finding a server and is very unstable. The logs also show information about blocking servers related to the speedtest application.
-
VPN to USG LITE 60AX behind AVM FRITZ!Box 6890 LTE not working
Connected to German Telekom VDSL with a public IP port forwarding is working but no VPN access. Everything is forwarded to the USG via Exposed Host (IPv4 + IPv6), but StrongSwan always responds with received NO_PROPOSAL_CHOSEN notify error: Jun 23 12:43:06 00[DMN] Starting IKE service (strongSwan 5.9.13, Android 14 -…
-
USG110: P12 Certificate "errno:-17011"
Hi, I try to import a new P12 certificates, which works for years. Now the "import" under "certificates" gets error 'error -17011'. "errmsg: PKI certificate type is not supported". I can validate my p12 file with openssl, so the file is fine.
-
USG Flex 200 DNS cache poisoning?
Hello, Our USG Flex 200 is working just fine for clients. The device itself will not connect to the internet however. I cannot search for updates and timesync does not work for example. Using SSH to check on the machine locally the following happens: Router> ping gmail.com PING gmail.com (192.168.50.41) 56(84) bytes of…
-
Restrict access to specific vlan - windows inbuilt client
Hi! I've successfully managed to setup an ipsec/ikev2 vpn using windows 10 native client following this guide: https://support.zyxel.eu/hc/it/articles/4439075779090-VPN-Configurare-IKEv2-IPSec-con-certificato-su-Android-iPhone-iOS-Windows-MacOS Now I'd like to restrict the landing subnets for vpn clients. I've tried to…
-
WAX620D controlled by USG40 - possible?
Hello I am having a hard time registering a WAX620D on a USG40 as controller. The USG40 sees the WX620D and I can add it to the controlled group. However, the icon stays gray and I cannot manage the accesspoint. Any ideas? Thanks —Thomas
-
Unable to reach port
Hello i have fowarded 3 ports on 3 internal ip (PC) , i have already created also the policy from wan to lan1 to manual ip. For 2 are ok but one give me a error It was a similar streaming from outside to inside, if i see the log i see this Time Category Message Src. IP Src. Port Dst. IP Dst. Port Note Action 2024-06-11…
-
Custom GEO Region for USG FLEX 500
We have a new FLEX 500 gateway/firewall. I want to customize a Geo Region to allow access into our network only from Eruope and the US, as all of our techs are there. I know how to select one of the specified regions—that works. If I configure the traffic to allow only Europe, it works. But, I want to allow both Europe and…
-
Flex 100 Policy Control Question
Admittedly, I've been sick for several days, and brain fog is affecting me. In addition, it's been too long since I've been in a Zyxel. Here's my scenario: client with a Flex100 has a device on DMZ. That device now needs to have some ingress data allowed. Have the address and service objects and groups created. But think…
-
USG Flex series: offline preparation is impossible?
So… Having firmware file downloaded, having the future running configuration ready, having users prepared… Is possible to start a USG Flex device without any internet connection?
-
USG Flex 100 error phonebar Java
Hello everyone. I have a problem with my zyxel USG flex 100. It happens that while using a phonebar Java connected to a VPBX often error: Unable to communicate with server. I don’t understand what it depends, if I remove from the network the firewall is using a normal router the problem disappears.
-
ZyWALL ATP200 how to start with Vlan?
Here is my Network in a very simplified way: The ATP (will) have 2 Wan Connection one slow DSL and one fast but unreliable Cable. There are multiple Switch in the System 2 Zyxel and a Handfull Managed and Unmanaged one. I use an Netget for example for PoE to power the AP and some IP Phones. I intend to have atlest 4 Vlans…
-
LTE3301-PLUS - USG40
Hello, I have an LTE3301-plus (4G) connecting to the WAN port of a USG40. I want to establish an SSL VPN connection to the USG40. I tried in normal mode NAT of port 443 on the LTE3301-PLUS and in passtrough ip (Bridge) mode, I have nothing displayed on the USG40 log. I specify that the SSL VPN works when I attack the USG…
-
win 10/Android 7.0 phone connecting to the PPTP VPN over 4G disconnects when idle for some minutes.
VPN2S 1.20(ABLN.2) So I setup a PPTP VPN server on the VPN2S I connect to it by my phone that got Android 7.0 when doing nothing and idle for some time past the VPN connection disconnects and does not stay connected. also happens with win 10 over 4G too
-
Multiple DHCP Server Offers from Multiple VLAN's
I have a new setup with basic firewall rules and multiple VLAN's. Setup is as follows: Modem → USG Flex 200(V5.38(ABFW.0)) → XS1930-12HP(V4.80(ABQF.3)) → NWA130BE(V6.75(ACIL.0)) or WBE660S(V6.70(ACGG.3)) The issue is a device will request a DHCP, and two different DHCP Servers from two different VLAN's are answering. More…
-
Allow pc to connect from outside firewall
Hello in the same lan of firewall (on wan port) i have a pc that should be connet to server on the lan1 behind the firewall. I shold make a fowarding or what? Thanks to all
