-
Bug report (availability/stability) on Flex 500: network range overlap mismatch
The following steps produce a faulty configuration file, that however runs sucessfully. Only after a reboot the faulty file is rolled back (which can be many months later, making it very hard to find what the issue was in the first place): Have a subnet, i.e. 192.168.2.1/24 configured on interface LAN2 Disable the subnet…
-
NAT to a server on a different subnet through site-to-site ipsec tunnel
We have an IPsec tunnel through an ISP running on our ATP 800, connecting through WAN1. Our current setup is: Local policy: 10.0.0.0/23 subnet (with interface 10.0.1.1/24 on LAN5) Remote policy: 10.0.2.0-10.0.255.255 range Policy Route: Incoming: LAN5 Source: 10.0.0.0/23 subnet Destination: 10.0.2.0-10.0.255.255 range Next…
-
USGflex H Remote Access VPN users: access to all resources within a site-to-site vpn network
Hello all, can someone give me a hint, please? I need some remote vpn users to have access to the complete site-to-site vpn network, not only to the site they're connected to. The remote access vpn is configured as full tunnel. I tried several things like policy routes and zone settings, but it does not work. Is there a…
-
Nat ATP200
Good evening, I would like to know how to indicate a group of IPs in the field indicated by the red arrow. In fact, it allows me to engrave only a single IP. Thanks
-
SecuReporter is often unreachable over the weekends from all across Europe
SecuReporter cannot be reached over the weekends from all across Europe. The internet connections are good from where the access over the weekend is tried. Same machines, same configurations which can instantly access the SecuReporter servers cannot connect over the weekend. Accessing other infrastructure in the Asia area…
-
[2025 March] SecuReporter Maintenance Announcement
This discussion has been moved.
-
Production Status USG20W-VPN (USG FLEX 50W): Discontinued?
Greetings, I was looking to purchase another USG20W-VPN (USG FLEX 50W) for a client and have been told by vendor it has been discontinued. Is this indeed the case?
-
ATP500 - Avast antivirus block, anti-botnet log
Hi there, we have the problem that since the last firmware update in November our ATP500 blocks the Avast antivirus and the message “BLOCK anti-botnet” appears in the log. We have configured under: Security Service > Reputation Filter > Types of Cyber Threats Coming From The Internet And Local Networks, deactivated the…
-
Router DMZ to Flex 500H
Hi, we are trying to configure the Flex 500H behind a Router with DMZ. The router has IP 192.168.2.1 configured and has a DMZ configured to 192.168.2.2.2 which is the Zywall. The problem is that we do not see anything in the log, opening port 21 for example to test. Is there anything else to configure?
-
Zyxel USG20W-VPN primary and backup link setup and IPSEC VPN
Hello guys, I have USG20W-VPN with latest firmware installed and just need little bit help with setuping my primary and backup link WAN connection. Firstly - I am using the DSL WAN connection that will work as primary link (WAN) and if this connection will fail automatically backup link will go active (Cellular, Brovi 4G…
-
out of production usg flex 200
Today i heard the usg flex 200 is out of production, and the EOL date is 2030. Is that correct. Wondering what's the follow up product of the flex 200. Off course you have the flex 200h, but that one is much more expensive, and maybe difficult to sell to our customers. 5 years and then EOL? that's a little quickly in my…
-
USG FLEX 500 VPN Server EAP-MSChapv2 vs EAP-TLS/PEAP on Radius
Hello, i've got some trouble setting up remote user connection with certificate instead of user/password, and i don't find much documentation about this on Zyxel networks. I've setup VPN gateway & tunnel for remote user connection with radius authentification EAP-MSChapv2 successfully, but when i'm trying to change Windows…
-
DHCP server setup on ATP500 shows "Error -4027 : DHCP network setting conflict"
I want to setup DHCP server function on one of the LAN interface on the ATP500 device (firmware version being "V5.39(ABFU.1) / 2024-11-16 03:14:26"). After entering the parameters of : DHCP (server), IP pool start address (192.168.1.130), pool size (10), First DNS server (ZyWALL), default router (ge4 IP) with rest…
-
No entries in device insight
Hi, I have configured one device insight profile. Inside this only the criteria for OS "Windows" is selected. I would have now expected, that my laptops and desktops are listed in the device insight table of monitoring, but this table is always empty. I'm sure I have misunderstood or done something wrong. Kind regards SB
-
DNS lookup issue
We've got a really weird issue with a FLEX100. So a client reported that they can't access their website from their office network. On any device. If they turn WiFi off on their phones, they can acces it fine. Sure enough, the FLEX100 is not returning ANY address for their primary domain. But every public DNS server…
-
redirecting http
Hi! I have a webserver behind a zyxel 200H (frimware: V1.30) and I cant reach its website with its domain name/url, and instead of the website all I get is the zyxel 200H login screen. I looked up the problem, and I should find a "HTTP Redirect" instruction on…
-
Source NAT through vpn tunnels
Let's say we have three sites: Site A (USG Flex 50) - Policy based vpn - Site B (USG Flex 200) - Policy based vpn - site C (other device, managed by others) Note: between A and B it's simple routing, hosts keep their IP. Between B and C it's different: all B lan address reach C site SNATted (in B-C vpn policy) to a single…
-
url check
-
Error while trying to import a certificate. P12 certificate "errno: -17011"
Hi. When trying to import a certificate to UGL Flex 700 I get the error errno: -17011 errmsg: PKI certificate type is not supported I am on version V5.39(ABWD.1)
-
P12 Certificate "errno:-17011"
I have been importing P12 certificates for years. It is scripted openssl to generate pkcs12 from PEM files. openssl has not updated on linux since 2020. Now the "import" under "certificates" gets error 'error -17011'. "errmsg: PKI certificate type is not supported" Tried a different browser, chrome and firefox both error.…
