-
USG FELX 200 - Remote syslog on IPSec
Hello Community, I set up remote system logging. The remote server can be accessed via IPSEC VPN. The VPN connection is live, I can successfully access the remote server using the connection test. However, there are no inbound system log entries on the remote server. What could be the problem? May the USG not be able to…
-
IpSec VPN with Remote Access Server - trouble
On "USG310" I have configured IPSec VPN as Remote Access Server. Everything works fine but... Problems start when more than one user connects from the same remote network. For example, with two users, they start disconnecting and reconnecting alternately. As if logging in one causes logging out/invalidating the session of…
-
Monitor internet usage per IP
Hello, Is there a way to monitor internet traffic per IP ? I have the USG110 I tried to check the monitor tab, it shows the traffic usage from the WAN side not LAN side (or per IP on the network). Thanks
-
SSL VPN Problem Connection
Hello at All, i have a problem with a customer, and i didn't understand how i can resolve this. The customer have a USG FLEX 50 that use also for SSL_VPN Connection (and also us use sometimes for troubleshooting) and there is some strange behaviour: The USG FLEX 50 have this firmware: V5.35(ABAQ.0) There is a LAN…
-
USG Flex Object Creation
I upgraded from a Zywall 110 to a USG Flex 500 in NCC mode. I'm trying to recreate all of my policies and routing that I had in the 110. Obviously, the interface between local and NCC is completely different. I had internal groups of devices to which I applied special routing though multiple Internet connectioons. I also…
-
SSL VPN Client 1.2.5 on Mac Ventura 13.2 Broken
Have a customer who upgraded to MacOS Ventura 13.2 and their SSL VPN client (1.2.5) stopped connecting. Other users still on Ventura 13.0.1 are connecting OK. There seems to be a lot of posts regarding VPN connections in general breaking after this update. Is there a workaround for the Zyxel client on this MacOS version?
-
USG FLEX 700 - Problem while deleting static IP/MAC bind on DHCP Table of an Interface
Hi, I have a problem deleting/editing a record on my Interface/Static DHCP Table. On the interface i have a lot of record that i can edit and delete. only one of them is untouchable... Everytime i try to edit/delete it i get an error like this:------------------------------------- CLI Number: 17Error Number: -4005Error…
-
Assign Slave Ports to link aggregation on USG 500 Flex in V5.35(ABUJ.0)
Hello dear Community, We are facing an "issue" trying to set-up our USG500 Flex on Firnware V5.35(ABUJ.0) with link-aggregation. The second chapter of this post (802.1ad) corresponds pretty much exactly to what we want to set-up. Unfortunately when trying to set-up the Slave Ports my choices are very different from all the…
-
http vs https for 2 factor auth emails
Hello, I would like to ask if there is any practical difference between using http versus https for the VPN 2 factor authentication via email. I understand using https is more secure. When using it ( https) we get a certificate error/warning which i assume means we need a cerfificate from a CA for it, but i was wondering…
-
CA invalid SSL error
Hello, I have a problem with the CA issued by zyxel. When accessing the firewall ATP200 the browser says that is not valid(not secure connection via HTTPS). The CA is valid until 2034 and is imported in the Windows Client Trusted CA. What am I missing? Thanks!
-
Can't access some websites even with content/url filtering turned off
Hi, I'm having trouble with my new USG 700 firewall that I installed. I can't access websites like twitch.tv, reddit.com or videos on Twitter. I tried deleting the "business productivity" and "child protection" profiles and disabling every security service but have had no success.
-
On port Vlan100 windows 11 I have internet and Linux Ubuntu does not?
What am I doing wrong on Vlan100 that windows 11 gets the address from dhcp and the internet works normally and linux ubutu gets the address from dhcp but the internet does not work. When I connect Ubuntu to another Lan1 port, everything works. Please help.
-
USG Flex 100 problem setting up L2TP VPN from Wizard
Hi everyone, I'm a newbie and I'm trying to set up a L2TP VPN with a USG Flex 100 but without good results. I tried to use the wizard for it but it just doesn't work, I can't connect form another line. This is the LOG when I try to connect: I tried to look it up on Google but all the guides didn't help me.. So.. The LAN is…
-
Installing certificate for 2fa webpage produced by ATP200
Hello all, I tried to install a security certificate on my machine so that I won't get the "Your connection is not Private" message before entering the 2FA code. I went through these instructions: https://kb.zyxel.com/KB/searchArticle!gwsViewDetail.action?articleOid=008669&lang=EN Which says: You canconfigure as follows:…
-
Problem with update ZyWall USG-100Plus to firmware 330 AACV v3.30P9 (WK48)
Hello! A problem with update the old ZyWall USG-100Plus to the firmware from the post https://community.zyxel.com/en/discussion/4247/zywall-usg-series-v3-30p9-wk48-firmware-released When I try to update firmware from the current 3.30(AACV.7)ITS-WK28-r72114 to the "USG 100-PLUS 330 AACV v3.30P9 (WK48)" process stopped. On…
-
USG Flex 100 - IKE and L2TP IPSec Logging
Hello, I would like to log IKE and L2TP IPSec traffic in an email during the period connection is tried to be made. Both to track unwanted connection trials as well as to be able to analyse if issues. However, when the connection has been established, I don't want to have anymore log info in an email. Would this be…
-
Android 13/IPAD IOS 15.7 and USG40 with IKEv2
Hi, I have used earlier L2TP/IPSEC tunneling but now newer andoids doesn't support that one. I did IKEv2 configuration according these. https://support.zyxel.eu/hc/en-us/articles/8805317185298-VPN-Configure-IKEv2-with-Pre-Shared-key-on-Mobile-Devices-Instead-of-L2TP- When I try make a connection I will get always error…
-
SBG3600-N000 wireless controller AP firmware
Dear Zyxel team, Would you please share what APs are supported in the SBG3600-N000 FW ver: 1.00(AAKO.9)? Is there a fw upgrade included in the SBGs similar to USGs or tha APs have to be upgraded separately, by taking them out from controller functionality?
-
IPSEC VPN with One-to-One and many to one SNAT
Hi, a few days ago @PeterUK helped me setup an IPSEC VPN with SNAT and a /27 subnet. Everything works fine, but now in the VPN itself I have to add Many-to-One communication so that 10 of my internal addresses are seen as one address. It's possible? Thank you
-
Odd 2FA Security Issue With The USG40
Hi, I have a USG40 with latest firmware. I have just set it up as a VPN server using IKEv2 using the below guide https://support.zyxel.eu/hc/en-us/articles/360001227780-Next-Gen-USG-IKEv2-VPN-Client-to-Site- I am using the built in VPN client in Windows 10 Pro All is working fine but I wanted to add 2fa to the VPN logins.…
