-
SSL VPN Problem Connection
Hello at All, i have a problem with a customer, and i didn't understand how i can resolve this. The customer have a USG FLEX 50 that use also for SSL_VPN Connection (and also us use sometimes for troubleshooting) and there is some strange behaviour: The USG FLEX 50 have this firmware: V5.35(ABAQ.0) There is a LAN…
-
USG Flex Object Creation
I upgraded from a Zywall 110 to a USG Flex 500 in NCC mode. I'm trying to recreate all of my policies and routing that I had in the 110. Obviously, the interface between local and NCC is completely different. I had internal groups of devices to which I applied special routing though multiple Internet connectioons. I also…
-
SSL VPN Client 1.2.5 on Mac Ventura 13.2 Broken
Have a customer who upgraded to MacOS Ventura 13.2 and their SSL VPN client (1.2.5) stopped connecting. Other users still on Ventura 13.0.1 are connecting OK. There seems to be a lot of posts regarding VPN connections in general breaking after this update. Is there a workaround for the Zyxel client on this MacOS version?
-
USG FLEX 700 - Problem while deleting static IP/MAC bind on DHCP Table of an Interface
Hi, I have a problem deleting/editing a record on my Interface/Static DHCP Table. On the interface i have a lot of record that i can edit and delete. only one of them is untouchable... Everytime i try to edit/delete it i get an error like this:------------------------------------- CLI Number: 17Error Number: -4005Error…
-
Assign Slave Ports to link aggregation on USG 500 Flex in V5.35(ABUJ.0)
Hello dear Community, We are facing an "issue" trying to set-up our USG500 Flex on Firnware V5.35(ABUJ.0) with link-aggregation. The second chapter of this post (802.1ad) corresponds pretty much exactly to what we want to set-up. Unfortunately when trying to set-up the Slave Ports my choices are very different from all the…
-
http vs https for 2 factor auth emails
Hello, I would like to ask if there is any practical difference between using http versus https for the VPN 2 factor authentication via email. I understand using https is more secure. When using it ( https) we get a certificate error/warning which i assume means we need a cerfificate from a CA for it, but i was wondering…
-
CA invalid SSL error
Hello, I have a problem with the CA issued by zyxel. When accessing the firewall ATP200 the browser says that is not valid(not secure connection via HTTPS). The CA is valid until 2034 and is imported in the Windows Client Trusted CA. What am I missing? Thanks!
-
Can't access some websites even with content/url filtering turned off
Hi, I'm having trouble with my new USG 700 firewall that I installed. I can't access websites like twitch.tv, reddit.com or videos on Twitter. I tried deleting the "business productivity" and "child protection" profiles and disabling every security service but have had no success.
-
On port Vlan100 windows 11 I have internet and Linux Ubuntu does not?
What am I doing wrong on Vlan100 that windows 11 gets the address from dhcp and the internet works normally and linux ubutu gets the address from dhcp but the internet does not work. When I connect Ubuntu to another Lan1 port, everything works. Please help.
-
USG Flex 100 problem setting up L2TP VPN from Wizard
Hi everyone, I'm a newbie and I'm trying to set up a L2TP VPN with a USG Flex 100 but without good results. I tried to use the wizard for it but it just doesn't work, I can't connect form another line. This is the LOG when I try to connect: I tried to look it up on Google but all the guides didn't help me.. So.. The LAN is…
-
Installing certificate for 2fa webpage produced by ATP200
Hello all, I tried to install a security certificate on my machine so that I won't get the "Your connection is not Private" message before entering the 2FA code. I went through these instructions: https://kb.zyxel.com/KB/searchArticle!gwsViewDetail.action?articleOid=008669&lang=EN Which says: You canconfigure as follows:…
-
Problem with update ZyWall USG-100Plus to firmware 330 AACV v3.30P9 (WK48)
Hello! A problem with update the old ZyWall USG-100Plus to the firmware from the post https://community.zyxel.com/en/discussion/4247/zywall-usg-series-v3-30p9-wk48-firmware-released When I try to update firmware from the current 3.30(AACV.7)ITS-WK28-r72114 to the "USG 100-PLUS 330 AACV v3.30P9 (WK48)" process stopped. On…
-
USG Flex 100 - IKE and L2TP IPSec Logging
Hello, I would like to log IKE and L2TP IPSec traffic in an email during the period connection is tried to be made. Both to track unwanted connection trials as well as to be able to analyse if issues. However, when the connection has been established, I don't want to have anymore log info in an email. Would this be…
-
Android 13/IPAD IOS 15.7 and USG40 with IKEv2
Hi, I have used earlier L2TP/IPSEC tunneling but now newer andoids doesn't support that one. I did IKEv2 configuration according these. https://support.zyxel.eu/hc/en-us/articles/8805317185298-VPN-Configure-IKEv2-with-Pre-Shared-key-on-Mobile-Devices-Instead-of-L2TP- When I try make a connection I will get always error…
-
SBG3600-N000 wireless controller AP firmware
Dear Zyxel team, Would you please share what APs are supported in the SBG3600-N000 FW ver: 1.00(AAKO.9)? Is there a fw upgrade included in the SBGs similar to USGs or tha APs have to be upgraded separately, by taking them out from controller functionality?
-
IPSEC VPN with One-to-One and many to one SNAT
Hi, a few days ago @PeterUK helped me setup an IPSEC VPN with SNAT and a /27 subnet. Everything works fine, but now in the VPN itself I have to add Many-to-One communication so that 10 of my internal addresses are seen as one address. It's possible? Thank you
-
Odd 2FA Security Issue With The USG40
Hi, I have a USG40 with latest firmware. I have just set it up as a VPN server using IKEv2 using the below guide https://support.zyxel.eu/hc/en-us/articles/360001227780-Next-Gen-USG-IKEv2-VPN-Client-to-Site- I am using the built in VPN client in Windows 10 Pro All is working fine but I wanted to add 2fa to the VPN logins.…
-
SMS 2FA On Usg 40 (Latest FW) Question For UK Based Unit
We are currently using 2FA via email for our SSL Vpn users and all is good. We would like to change so that the 2FA message goes to there phones via SMS. Has anyone in the UK set this up succesfully and if so which SMS providor service did they use. Many thanks for your time.
-
ATP 200: Log - An ip address conflict is detected. 00:00:00:00:00:00 and xx.xx.xx...
Hello. simce last couple of week we have lot of log warning of An ip address conflict is detected. 00:00:00:00:00:00 and many other MAC . This is not linked to a single IP but a lot on the LAN and aso affect VLAN I though it could be an issue with a firmware update and it would be fixed soon because MAC adress…
-
USG Flex 100 L2TP VPN not letting me access shared folders of the LAN
Hi everyone I'm new here, I'm learning how to configure a VPN with USG Flex 100 with guides I found around. So, I have a server in my LAN (10.0.0.0/24) and I want the VPN users (192.168.50.0/24) to be able to access the shared folders of it, as of now it seems like they can't even see it. Tried pinging some PC in the LAN…
