-
NAT Server Load Balancing and Nat Loopback
Hello We are trying using NAT Server Load Balance on VPN 300 (last firmware) to access multiple servers running same service (cluster of servers) Say the external domain name is myservice.domain.com and point to the Wan interface. All is ok from Wan clients point of view, the NAT Load Balancing do its job well. But doing…
-
USG FLEX 700 Cannot Sync AD from WIN2019
I am unable to connect the USG Flex 700 to Active Directory from Windows Server 2019. The connection between the USG Flex 700 and Active Directory is intended to go through IPSec Site-to-Site VPN. I would appreciate guidance on how to resolve this issue. Thank you
-
Getting temporary question mark on network
I have zyxl firewall USG 110. And have two nebula wifi access point. I have around 100 wireless devices connected on wifi. And around 10-15 devices on LAN. One major issue i am facing mostly happen on wifi and mostly on laptops. Didn't face this on mobile. once or twice got on two LAN desktop Basically it show "?" sign on…
-
Time line hardware EOL
I have a question about Firewall, how long does each model last until production is discontinued? I currently use USG310, used it in 2020. Now I know that EOL has passed and I am planning to use the Flex700 model. I would like to know in what year the Flex700 and USG310 was produced and when will it be EOL?
-
Zywall SSL inspection - exclude list from category
Hello every body, I just activate the ssl inspection on my zywall 310 (firmware version 4.73 AAAB.2). It looks it works fine but all the website are currently inspected, expect those from the exclude list. I can see on this article, that on USG series there is an advanced button in the exclude list page where we can choose…
-
Where has SecureExtender SSL VPN for Windows gone??
The download library no longer has SecureExtender SSL VPN Client for Windows. Is this temporary, a glitch, or has this client been withdrawn?
-
hi all!
I have a question is how to blog a divice on my system, USG500 FLEX, thank you!
-
IPsec VPN disconnection
Good morning, Context: we have a FLEX700 at headquarters and FLEX100s at remote sites. The sites have fiber and are connected with IPSEC. Issue: For several months we have had the following problem on one of the sites: every week randomly, the ipsec VPN disconnects and we have to restart the FLEX 100 so that it reconnects…
-
random RDS disconnection
Good morning, I have a problem on one of my remote sites with the RDS of Windows Server 2016. The remote site (with FLEX200) is connected to Headquarters (with FLEX 700) with an IPsec VPN and the users work from RDS offices. My other remote sites do not seem impacted even though they have identical hardware. We encounter a…
-
The packet was dropped by Misc.
USG 310 We are having problems contacting a server on internet. While troubleshooting we found that we can ping the host directly from the WAN interface on the firewall, but not from inside. Either from a computer or by pinging through LAN interface on firewall. I don't see anything in the config that would block this…
-
Access Multiple network throught Zywall IPSec VPN Client
Hello, We have a USGFLEX200 device with the local networks of the following scenario: Network 192.168.10.0/24 Network 10.80.10.0/24 Network 10.90.10.0/24 Network 172.26.0.0/24 We use the VPN Client IPSec_3.8.204.61.32 as a connection. We need access to the different networks from this client, but we do not want traffic…
-
upgraded USG210 to ATP500 still issues..
Hello every one, I had two USGs-210 in HA and i had a lot of issues with ram/cpu and reboots everyday. I asked for help here and after lots of days my issue was end of life of USG and many users/vpns that made USG having CPU/RAM over 80% and reboot. I recently changed them with two ATP500. We copied the configuration from…
-
Content Filter not working USG Flex 500 issue
Hi, When i enable Content Filter and(or) DNS Content Filter in Policy Control, http and https connection become very slow. I think that because Content Filter not resolving url(domain name). in cli: Router(URL)# https://community.zyxel.com % ret err = -4 result: Error The query takes: 1.000000 seconds in web: Help me solve…
-
web content filter site is blocked redirect URL:
we set up the web content filtering with a valid filter license, which works, but if I set the Redirect URL, it doesn't work: on the client's computer these page are redirected to the firewall internal web address. What is set wrong? I want to redirect to an itpolicy site.
-
CA Certificate for SSL VPN on USG 310
Is there a step by step tutorial how to set import an SSL cert from a CA given the following: SSL VPN is working, clients are connecting Port is (just an example): 8888 Clients use SecuExtender 4.0.4.0 I already have a xyz.domain.com registered and used for port 443. I also have working CA cert for the xyz.domain.com. Do I…
-
USG Flex 50W: LAN1, LAN2, DMZ and GUEST zones when interface is bridged
USG Flex 50W has four internal ethernet ports, which have default zones LAN1, LAN2, DMZ and GUEST. It is possible to bridge those four interfaces (Network→Interface→Bridge) and associate the bridge interface (br1, internal) to it's own zone, let's call it ZONE_BRIDGE. Now all the four ethernet ports are in same subnet…
-
Log: Maximum sessions per host (1000) was exceeded (From 127.0.0.1 TO 127.0.0.1)
Hello all, I receive loads of log messages that say that Maximum sessions per host (1000) was exceeded on a ATP200 device. Source and destination are both localhost (127.0.0.1). I know how to increase the amount of sessions, but I don't think this is normal behaviour for the firewall. Is that resolvable?
-
Using ATP100 as Wireless AP Controller
Hello All, I purchased a NWA210AX AP because I'm less and less happy with Unifi products. I want to use my ATP100 as a Wireless AP Controller. I'm having trouble finding the setup instructions to do this. The AP is getting an IP through DHCP from the ATP100, but I'm not seeing it any of the AP lists. I am not using Nebula…
-
Tool to analyze USG60 config errors
Is there an app to analyze a USG60 config and detect / show errors? When I apply a test config I get a message stating there's errors in the config.
-
IDP activation
Hello, I have found that I am missing active IDP setting in the Security Policy. Could someone please advise me, if IDP is generally set in "WAN to LAN" line and just activate IDP?Should I possibly prepare for the possibility of some non-functional services (RDP ...) after this activation?Thank you for your help !