-
Proposal errors on IPSEC IKEv1 VPN between Flex 500 and USG 40
I'm trying to setup a S2S VPN between 2 sites, one using a Flex 500 and the other is a USG 40. I've tried creating the objects manually and with the wizard but both times I get "No proposal chosen" errors in the log. I have double checked the phase 1 parameters and they all match. Is there a trick to this that I'm missing?
-
Anybody else seeing App Patrol statistics re-enabling after router reboot?
To improve performance of our FLEX 500 I have disabled App Patrol Statistics under Monitor tab > Security Statistics > App Patrol. I have now disabled it at least twice, and noticed that it keeps re-enabling itself. I have our router set to restart once a week and I believe it is coinciding with that. After turning it off,…
-
Site-to-site VPN between Zywall 110 and MS Azure
I am setting up a Site-to-Site VPN between my small office and MS Azure. The office network is behind a NAT in the Zywall 110 since we have multiple public IP addresses for some outward facing servers. I have seen references to Policy Based and Route based VPN. Which is better? [Update] I used the Quick Setup wizard, which…
-
IP Reputation: False positive
Hi, im receiving alerts from SecuReporter: 2023-09-19 14:00:00 Network Security IP Reputation-Outgoing IP Reputation detect 192.168.10.234 is connecting to threat IP 244 times (exceed threshold 5 within 60 minutes) Threat IP is 89.46.110.73. Looking on Cisco Talos: Could you verify please?
-
USG210 L2TP/IPSEC VPN Split-tunnel
Hello, just to confirm if we would like to configure split-tunnelling for our L2TP/IPSEC VPN would this need to be configured on the endpoint devices, rather than centrally?
-
connect to static route ip though ipsec vpn
hello, i have spent hours trying to find a solution but i am still stuck. here is my problem I have set 2 static route on our zyxel usg 110 to allow my users to use our ERP which is remotely hosted. Eveyring is ok when users are on site but when they connect trough the vpn that is set on the zyxel, they can't. Any idea of…
-
Visio Stencils
Hello, Would it be possible to get the Visio Stencils for the USG60, USG flex 200 and USG flex 500 please? Thank you in advance.
-
Double NAT with two USG FLEX devices
Hi all, i've two USG FLEX connected to each other via Point-to-Point WiFi and IPSec VPN as Backup. Both USG FLEX have it's own DSL connection. All Incoming WAN traffic from USG on the right should be forwarded to the USG on the left and from there to the servers in the DMZ zone. How to configure the USG's for this scenario…
-
USG110 Firmware
Dear community members, I hope you're all doing well. I have a question regarding updating my USG110 to the latest firmware version. Currently, I am on version 4.31, and I want to make sure I follow the correct procedure to perform this update. Could someone please guide me on the steps to update my USG110 to the latest…
-
DNS Filter - does it cascade to the next firewall rule?
We have a client that has a default filter policy in their FLEX 200 for their employees, but wanted a less strict filter for a handful of management employees. So we have a LAN → WAN rule (Position 1 - LAN1_Mgmt_To_WAN) with the Source set to a group of their specific computer IPs (static reservation) and the less strict…
-
Zywall routing/policies
Hi I have a customer with a main office and 2 remote offices. Main Office - 172.16.0.x Remote1 - 10.7.18.x Remote2 - 10.1.0.x All 3 offices are connectet with VPN ( USG 210 ) . Works fine. Users connect to main office with SSL VPN and do have access to LAN at main office, but not to LAN at remote offices. How do solve this…
-
L2TP connection fails with Mac OS Ventura, but works with windows
I'm trying to connect via L2TP VPN a MacBook with Mac OS Ventura (13.4.1) fully updated. With the same zyxel-device username, Windows 10 works without issues. With Mac OS, both OS and firewall tells me that username and password are uncorrect, however they are. Device is a fully updated (5.37) USG Flex 100 W. For creating…
-
Crypto map entity is in use
I am setting up a site-to-site VPN from my ZyWall 110 to Microsoft Azure using the guidance in the "How to Configure Site-to-site IPSec VPN with Microsoft (MS) Azure" chapter of "ZyWALL/USG/ATP/VPN Series Handbook". I have done some testing and want to delete the setup from my device. I inactivated the VPN Connection, VPN…
-
phase 1 peer id mismatch Error from VPN site-to-site
Hello i'm tryng to set a vpn between 2 office. i see this error in log, but the public IP is correct. Thanks
-
USG20-vpn connected to Google Fiber jack
Hello, I just switched to Google Fiber. I connected the Google Fiber Jack directly to the WAN on USG20-vpn but I dont get 1Gbps on devices connected to ports. I only get about 275 Mbps while at the output of the Google Fiber jack I 900+Mbps. Google tech indicated that I should connect the Nest Google Wifi router in between…
-
DHCP Server
Hi On a USG 60 is it possible for one DHCP server to service multiple VLAN's by splitting DHCP pool or does each VLAN require dedicated DHCP server?
-
Latest LTE Firmware for SBG3600-NB00
Hello, i need latest LTE firmware for italy. My firmware version is SBG3600-NB00_V1.00(AAZE.9)C0 Thanks
-
Can't access to new Flex 100 after config restore
New Flex 100 with fw 5.37/5.36p2. Restore config from other Flex 100. After restoring i get adress via DHCP, but cant ping\access ssh\https to device. After connecting via console, disable firewall rules - not helped. Cant ping other device, get ping: sendmsg: Operation not permitted
-
MAC address list transfer
I replaced my USG1100 with a new USG FLEX700. Is there a way to transfer the MAC filter list that I populated in the SSID management?
-
How to remove LAN interface 3
Site-wide - Configure - Firewall - Interface I can't delete LAN interface lan3 After pressing the delete button the process hangs and even after waiting 5 minutes no changes
