-
Installing certificate for 2fa webpage produced by ATP200
Hello all, I tried to install a security certificate on my machine so that I won't get the "Your connection is not Private" message before entering the 2FA code. I went through these instructions: https://kb.zyxel.com/KB/searchArticle!gwsViewDetail.action?articleOid=008669&lang=EN Which says: You canconfigure as follows:…
-
Problem with update ZyWall USG-100Plus to firmware 330 AACV v3.30P9 (WK48)
Hello! A problem with update the old ZyWall USG-100Plus to the firmware from the post https://community.zyxel.com/en/discussion/4247/zywall-usg-series-v3-30p9-wk48-firmware-released When I try to update firmware from the current 3.30(AACV.7)ITS-WK28-r72114 to the "USG 100-PLUS 330 AACV v3.30P9 (WK48)" process stopped. On…
-
USG Flex 100 - IKE and L2TP IPSec Logging
Hello, I would like to log IKE and L2TP IPSec traffic in an email during the period connection is tried to be made. Both to track unwanted connection trials as well as to be able to analyse if issues. However, when the connection has been established, I don't want to have anymore log info in an email. Would this be…
-
Android 13/IPAD IOS 15.7 and USG40 with IKEv2
Hi, I have used earlier L2TP/IPSEC tunneling but now newer andoids doesn't support that one. I did IKEv2 configuration according these. https://support.zyxel.eu/hc/en-us/articles/8805317185298-VPN-Configure-IKEv2-with-Pre-Shared-key-on-Mobile-Devices-Instead-of-L2TP- When I try make a connection I will get always error…
-
SBG3600-N000 wireless controller AP firmware
Dear Zyxel team, Would you please share what APs are supported in the SBG3600-N000 FW ver: 1.00(AAKO.9)? Is there a fw upgrade included in the SBGs similar to USGs or tha APs have to be upgraded separately, by taking them out from controller functionality?
-
IPSEC VPN with One-to-One and many to one SNAT
Hi, a few days ago @PeterUK helped me setup an IPSEC VPN with SNAT and a /27 subnet. Everything works fine, but now in the VPN itself I have to add Many-to-One communication so that 10 of my internal addresses are seen as one address. It's possible? Thank you
-
Odd 2FA Security Issue With The USG40
Hi, I have a USG40 with latest firmware. I have just set it up as a VPN server using IKEv2 using the below guide https://support.zyxel.eu/hc/en-us/articles/360001227780-Next-Gen-USG-IKEv2-VPN-Client-to-Site- I am using the built in VPN client in Windows 10 Pro All is working fine but I wanted to add 2fa to the VPN logins.…
-
SMS 2FA On Usg 40 (Latest FW) Question For UK Based Unit
We are currently using 2FA via email for our SSL Vpn users and all is good. We would like to change so that the 2FA message goes to there phones via SMS. Has anyone in the UK set this up succesfully and if so which SMS providor service did they use. Many thanks for your time.
-
ATP 200: Log - An ip address conflict is detected. 00:00:00:00:00:00 and xx.xx.xx...
Hello. simce last couple of week we have lot of log warning of An ip address conflict is detected. 00:00:00:00:00:00 and many other MAC . This is not linked to a single IP but a lot on the LAN and aso affect VLAN I though it could be an issue with a firmware update and it would be fixed soon because MAC adress…
-
USG Flex 100 L2TP VPN not letting me access shared folders of the LAN
Hi everyone I'm new here, I'm learning how to configure a VPN with USG Flex 100 with guides I found around. So, I have a server in my LAN (10.0.0.0/24) and I want the VPN users (192.168.50.0/24) to be able to access the shared folders of it, as of now it seems like they can't even see it. Tried pinging some PC in the LAN…
-
USG60W to USG Flex 100W configuration conversion
After of the EOL announcement of USG40, USG60, USG60W and so on Zyxel devices, a customer asked me if a USG flex 100W could be a nice replacemente for his USG60W.Customer is not using full capabilities/ports of USG60W, so potentially the downgrade could be feasible as features and ports.But no "automated conversion" for…
-
Cross LAN access to ChromeCast
Hi, We own a USG40W in our organisation, I take care of it but I'm not really a network engineer. We've set up 2 LAN, each with a dedicated WIFI SSID : - A "staff" LAN, with access to our development infra, - A "guests" LAN, with limited access. We have TVs with Chomecast dongles in our meeting room, actually bound to our…
-
Forward multiple Public IP through DMZ to VMs directly
Hello all, We run several virtual routers behind NAT currently. We have to VPN into the device and then NAT over to the internal IP. We are seeing a huge drop in speeds because of slow SSL VPN (Ipsec is not possible for various reasons). We want the Virtual routers to be exposed via DMZ and have Public IP. There is…
-
USG60W disconnect and crash
What with the USG60W
being EOL this might not get fixed but I post anyway. Was one V4.73 now on
V4.73(AAKZ.0)ITS-22WK50-r106743 So setup is with USG60W
built-in wireless down a VPN tunnel to VPN300 doing speed bursts at
speedtest closing/refreshing before it ends and running it again over
and over. The problem seems to…
-
Outbound Traffic from an Internal Server not Routing Through Correct External IP
Hello. We recently moved sites and had some trouble getting multiple Static IPs to work properly with our ATP device. At our old location, the IP block was contiguous. Under Network\Interface, the added Ethernet interface has all of the IPs listed in its config because they are together. Under NAT and Policy Control we…
-
two USG Flex 50 connection between LAN1 and LAN2
Hello at all I write as I have a "problem" in the network configuration of two Firewall zyxel usg flex50 purchased for a customer. The customer needs two separated LANs with the two firewalls in "waterfall", but that one can communicate with the other. I did not consider the configuration of VLAN because I would like to…
-
IPSEC VPN with SNAT in a little subnet
HI, I created a site-to-site IPSEC VPN with SNAT. Everything works fine until I use an x.x.x.x/24 subnet, but when I try to use an x.x.x.x/27 the ping no longer works. For the configuration I used this guide: https://mysupport.zyxel.com/hc/en-us/articles/360003321659--ZyWALL-USG-How-to-configure-VPN-SNAT-on-Zyxel-gateways…
-
SSL VPN connection to ZyWALL USG 300 does not work from Windows 11.
After installing SecuExtender_Windows 4.0.4.0 on Windows 11, SSL VPN connection to ZyWALL USG 300 works! But after restarting Windows 11, the SSL VPN connection stops working. Why is the SSL VPN connection not working on Windows 11? Why does it stop working after rebooting Windows 11 From computers running Windows 10, the…
-
IKEv2 VPN with AD authentication problem
Hello, I've set up an IKEv2 VPN and with local user on FLEX200, this connects fine from Secuextender. Now I want to integrate with AD, so created a user on domain controller with read rights on the security group AAA Server Active directory setup done, configuration validation with user says OK Created Authentication…
-
USG110 / 4.65 AAPH.1 - new "Policy Control Warning"
The 4.65 AAPH.1 newly implements a Policy Control Warning in case it detects opportunities for internet access to management interface or SSL VPN. If such rules will be detected an additional button "Update Security Settings" is displayed above the Policy Control. But what is this button for? The change log is only…
