-
Zyxel SCR 50AXE - limitations and real life use question
Hi All, I'm considering purchasing Zyxel SCR 50AXE to replace my current gateway solution. I'm using Sophos XG firewall, previously used NSG100, then USG Flex 100 till licenses ran out. Could any one advise if there is any limitation to the number of vlans, dhcp scopes / leases or firewall rules? How does it perform in…
-
SCR 50 AXE how to create secure connection to my synology NAS?
hi, my SCR50 AXE is working as follows: ISP Router → SCR50 AXE→ MY router → SYNOLOGY NAS I can access my synology NAS from the internet through the quick connect of Synology. therefore anyone in theory who knows the URL can get to the nas and try to hack it How can I protect the access from internet? can this be done on…
-
USG FLEX 200 - Blocked URL Keywords to block download of certain files
I thought I could use Blocked URL Keywords to prevent downloading of specific file types (e.g. .exe, .scr, .bat files). I have a working active Profile for Content Filtering and the Forbidden Web Sites is working for domain names. However, Blocked URL Keywords doesn't seem to do anything. For example, to block .scr files,…
-
I can't activate HA on ATP500 V5.37(ABFU.2)
Hello, I am trying to activate the HA with 2 ATP500s but when I apply the HA option on the master computer, the ATP500 restarts automatically and does not activate the HA Pro service when I have access again. That could be happening?
-
USG FLEX 50 (USG20-VPN) 5.37 (ABAQ.2) C0
Hello! I downloaded USG FLEX 50 (USG20-VPN) 5.37 (ABAQ.2) C0, but checksum on the page (https://www.zyxel.com/global/en/support/download?model=usg20-vpn) did not match the file I received. Checksum MD5 from page: EB9560A4C3B912125979A4A12E3B6076 Checksum MD5 from downloaded file (firmware.zip):…
-
SCR50 AXE- not taking changes applied in the NCC
Hi , I connected my ISP router to my brand new SCR50 AXE. therefore ISP router → SCR50 AXE→ MY Router everything seems to be working fine i see that my router got the IP address 192.168.168.5 from the SCR50 and i can see that the SCR is seeing my public IP address on the ISP router. the cloud symbol blinks greee!! Its not…
-
ZyXel USG20w VPN with PfSense
Hi, I updated my pfsense router's firmware and now none of the VPN's to ZyXel USG20w work, looks like PfSense pulled out the older encryption modes like 3DES, MD5, etc.. I changed the encryption to AES128 & SHA256 but can't get the tunnels back up.. Here's a log:
-
NAT-T with IKEv2 IPSEC
I have a USG60W and trying to configure an IPSEC tunnel that requires NAT Traversal. I do not see this option on the screen to configure IPSEC. This option is available when using IKEv1. Is NAT-T possible to configure when using IKEv2 on a USG60W?
-
Segregate Traffic on LAN1 and LAN2
I have a USG Flex 200 with the latest firmware. I have two networks, one for home and one for work. Home network is connected to LAN1. Work network is connected to LAN2. Lately, I have been able to see devices from my home network when looking at my work network router. Although I cannot ping anything between the two…
-
NAT on Zywall USG 110
Hello, is possible on Zywall USG 110 set this? I have more subdomains routed to our public IP (we have 1) but I need from subdomain1.domain.sk 443 and subdomain2.domain.sk 443 set route, on local network, subdomain1:443 to server 1:443 and subdomain2:443 to server2:443 Is this possible to set somehow? (On apache it was…
-
L2TP VPN Client-to-Site "Wrong Base DN or Bind DN" test error
Hello everyone, I have multiple Zyxel USG Flex 100 in multiple sites and each of those has a L2TP VPN Client-to-Site configuration with AD login. They all work wonderfully, except this last one.. I configured this one as any other one but every time I test it from the AAA Server it gives me the error "Wrong Base DN or Bind…
-
How do I policy route WAN traffic for a single device through Site to Site IPSec tunnel?
I have an existing USG, site-to-site Ipsec VPN connection set up with a Remote site (subnet 192.168.3.0/24; gateway 192.168.3.1) connected to a Main site (10.2.10.0/24; gateway 10.2.10.1) Remote traffic from the LAN1 out to the WAN ordinarily goes by default through the Remote WAN interface). I have a specific device on…
-
DHCP exclusions
Is there a simple way to configure DHCP exclusions? We want to use a DHCP range from 192.168.124.0 ~ 192.168.127.253 with the following exceptions: - 192.168.124.0 ~ 192.168.124.99 - 192.168.125.0 ~ 192.168.125.99 - 192.168.126.0 ~ 192.168.126.99 - 192.168.127.0 ~ 192.168.127.99 The goal is that every IP address given by…
-
Security Policy, NO "ANY" option in drop down list.
Why is there not an 'any' option in the drop down. "any(Excluding Zywall). But I want Zywall protected also? Do I have to create 2 rules "any(Excluding)" and another "Zywall"..
-
VPN Configuration on Zyxel USG FLEX 700
I am configuring and IPSec VPN on this router and each time, I get this error in the logs. The highlighted line is where I am having the issue. That tunnel is another VPN I have configured on the router that is working for something else. I am not sure why this new VPN is trying to use that tunnel for authentication. It…
-
Translation problem "has been existed" should be "already exists."
Ran into this with a script on a USG Flex 200 running firmware V5.37(ABUI.1), but I am confident this errant translation exists elsewhere. Discovered the translation problem with this command : secure-policy6 1 name Device_Default_Allow_Service retval = -33072 ERROR: Security Policy Control name has been existed. To be…
-
Error 0x800b0109 connecting to VPNSSL
Hello, I get an error 0x800b0109 when connecting to the VPNSSL using client version 4.0.5.0 from Windows 10. The USG Flex 200 is up to date running 5.37(ABUI.1) and not showing me newer versions when checking. vcredist 2015 are installed for both x86 and x64, the helper service is running, no AV software are installed at…
-
USG20W-VPN (USG FLEX 50W) 5.37(ABAR.2) stopped turning on
Hello! Updated USG20W-VPN (USG FLEX 50W is displayed in the web interface) to version 5.37 (ABAR.2). After the update, the device rebooted and worked fine for about a week. Turned off the device. I did this as usual via the web interface. The SYS indicator has stopped lighting. I waited about 3 minutes and unplugged the…
-
USG40 - VPN Traffic VPN2Internet/VPN2LAN and back
Hi, I set up a IKE VPN with my USG40. The VPN establishing works well, but i don't get any internet or LAN access. In the Logs it looks like the traffic goes through VPN2any, but nothing comes back, but i doesn't see any block in the Log. What could cause thath error? Br
-
USG Flex 700 / VPN
Hello, I have some questions about VPN connections on a USG Flex 700, in "on premise" configuration. The USG is connected to a distant site by an IPsec tunnel with VTI configuration (and static routes). On LAN, we have some VLAN, and only one (VLAN20) must access the distant network through the tunnel. The distant servers…
