-
zywall 200 2fa stops working After Firmware V5.36(ABUI.1)
After Upgrading our USG Flex 200 V5.36(ABUI.0) on two different sites the 2FA stops sending emails and unit will loose web access after 6 hours and need rebooting. Have upgraded to V5.36(ABUI.1) and still not 2FA but no freezing yet. Also noticed "Send Report Now" under Email Daily Report no longer works. Both are getting…
-
IPSec-VPN problems
I have two sites. Site one has a USG100 and site 2 has a Flex 200. Site one is unchanged. Site 2 USE to have a Sonicwall and the two sites were connected with an IPSec-VPN. I removed the sonicwall at site 2 and replaced with with the Flex 200 and began setting up the P2P VPN again. Of course, I didn't change Site 1 config,…
-
Mac SecuExtender losing configuration
Hello All, I just rolled out IKEv2 with Google Auth 2FA to a client that has Macs. Two of the Macs (so far) have repeatedly lost their config. Doesn't seem to be a log off or reboot or anything. The config just disappears. When the software is opened again, it's back to asking for the activation code. No IKEv2 confg is…
-
FLEX200 WAN interface problem ...
The wan1 default ip is dhcp, I link wan1 to ISP modem and config FLEX200 PPP item, then I found wan1 will get two ip, one is from PPPoE(122.116.xxx.xxx), another is from DHCP(111.241.xxx.xxx), sometimes LAN pc will use 112.116.xxx.xxx as source ip, and sometimes it use 111.241.xxx.xxx, what is possible problem? should I…
-
USG20-VPN Unable to log in after upgrading the firmware
My device is usg20-vpn The original version was 4.16. To update to the latest version 5.36. I directly download the bin file of 536ABAQ1C0 from the official website Upload to the device But after the update, I can't log in with my account password. I can't get in even if I use the default account admin password 1234 I…
-
Gen.Variant.MSILHeracles.da651960 false positive?
Hi, I've started getting multiple malware notifications with this definition: Gen.Variant.MSILHeracles.da651960 False positive? I don't see references about this malware in Zyxel. Can you help me?
-
Windows 10+ IKEv2 VPN with certificate and Peer-ID-Type
Our FLEX200 VPN works like a charm with the native OSX client. Now I am trying to connect a Win10 machine to the same gateway. Gateway is IKEv2 with certificate, with Peer-ID-Type set to "E-mail" and Content is set to a made up E-mail address. Extended Authentication Protocol is set to Server Mode and the desired user…
-
Routing / Address-Objects for large services
I was wondering how to route all Zoom traffic through a certain WAN interface: Zoom Firewall Infos Does that mean I really would have to create address objects for each net/FQDN/IP in that appropriate list, then group those into several groups and create a routing rule for each group? That seems excessive at least :-)…
-
False-Positive , Office365 Sharepoint marked as Phishing in Content-Filter
Currently the Office365 Sharepoint Node dual-spo-0003.spo-msedge.net (Switzerland) is being marked as phishing. This stopped one of our customer of over 40 People to access their Sharepoint Data since early morning. Other SPO Nodes are not being marked. This probably happened, because somebody tried to use the Office365…
-
zyxel usg20-vpn firmware upgrade path
Hello, I want to ask if there is the best path to upgrade, or can I upgrade directly? My current version is 4.16 and I need to upgrade to 5.36 I tried to upgrade directly, but my original account and password could not be entered Can't get in even with the default account and password I would like to ask everyone who has…
-
Zone cellular base port PPP bug
Ok really odd one VPN300 V5.36(ABFC.1) I have a USB Huawei E303 its IP is 192.168.8.100 I make zone cellular1 On ge4 I have a Nighthawk M2 Mobile Router set to DHCP gets a 10. IP with its zone being cellular1. I have hideipvpn with PPP setup for L2TP base port ge4 (interesting you can't use a USB cellular) zone test I have…
-
Zyxel IPSec VPN - IP destination
Hello, I have a VPN created using zyxel client IPSec, but I can't get the IP of the destination station. I am asking for information to adjust the settings. Thank you
-
FLEX200 lan ip conflict ...
I config two lan(lan1 and lan2) each lan link to a switch different vlan(see attachment), then I got a lot of ip conflict alert, what could be the problem? (I'm sure there's no other dhcp server in lan) why it display 00:00:00:00:00:00 and x:x:x:x:x:x share the same IP address x.x.x.x
-
ATP 800 unexpected reboots many times.
ATP 800 starts reboots every night with break all night sync job. FW 5.35 initial Debug log. 2nd reboot after 6 hours. Zyxell, you do the worst devices in the world. Log from teraterm console. BUG: soft lockup - CPU#7 stuck for 31s! [kworker/7:1:1153]
-
Flex 200 and web server problems
I have a new Flex 200 and one web server behind it. I built my NAT (virtual server) and my security policy and it's still getting dropped when the traffic comes in. At first, I thought it was because the device was on 443 for management so I reconfigured the device to use 8443 and that's working fine, but still, I can't…
-
Upgrade from USG60 to Zywall 310 + port role
Hi all, can i remove the first few lines from a usg60 saved configuration ! saved at 2023-05-10 18:28:09 ! model: USG60 ! firmware version: 4.73(AAKY.1) ! and import this to a zywall 310 or usg310 ? some of the settings at least like mad addresses vpn's and the like so i wont have to redo it all over again ? Also 310…
-
Is it possible to have same LAN subnet across VPN?
We have some security hardware which consists of a server that will sit in our HQ office and remote units that will sit in branch offices. The server and remote units MUST be on the same subnet. e.g. server is on 192.168.1.1 branch site 1 remote device is 192.168.1.2 branch site 2 remote device is 192.168.1.3 Is it…
-
Flex 200 and public web server
I have a new Flex 200 and it's all set up and configured. I have NAT/Sec Policies for SIP and SSH working as expected, but I can't get Remote Desktop Services and a WEB server accessible from the outside. Note - the RDS is coming in on a different public IP than the web server so I have NAT policies for each of the two IPs…
-
VPN Primer needed for my USG 100 Flex
I like to configure my USG 100 Flex to connect with clients when traveling: 1.) for added security 2.) circumvent country blocks for entertainment Can I do this with USG 100? Essentially, the client would use my ISP (Comcast)? Can I do this with laptop and iOS using generic VPN clients?
-
Getting pummelled by CDR reports of MSILHeracles download attempts from several of my ATPs
It appears to be an old issue that happened in 2022 too, if these are indeed false positives. I can't quite tell if it's a false positive though. The two files I've seen it block are: AD2F1837.HPPrinterControl_145.1.1083.0_neutral_~_v10z8vjag6ke6 and ccdeecee-9152-46a2-a8ca-5e4458eb35a5 These look like Windows Update…
