-
Firewall logs - Default Rule
Using a USG 1000 Created firewall rule to block a range of addresses in the Netherlands89.248.160.0 - 89.248.175.255 The rule is configured to deny with a log alert (red text), any connection attempt from these addresses. The rule is the first in the my firewall (Priority 1) However the log is showing the connection…
-
I found a user automatically created from anonymous account
In my log i found this: username:zyxelmd, usertype:admin, action:create. (Account: ) I checked in users section and i really found they new user zyxelmd I checked all the others log available and i didn't find any other login account. Nobody entered in configuration settings. There is only one admin user configured and it…
-
Zywall 110: Subnet Problem with IPSec VPN
We have a Zywall 110 with two IPSec VPN connection. First VPN connects to the remote network 10.10.125.0/24 (10.10.125.1 - 10.10.125.254)Second VPN connects to the remote network 10.10.0.0/18 (10.10.0.1 - 10.10.63.254) In the VPN Configuration the Network mask is displayed correctly (Remote Policy: SUBNET, 10.10.0.0/18).…
-
bandwidth limit
I have a VLAN on my internal network with the name of VISAO-ALUNOS, but this VLAN has no bandwidth limit. Where I limit the bandwidth of this VLAN so that it stays with, for example, 10Mb, this in Firewall Flex 200.
-
IPSEC VPN Site to Site and specific destination ip
I have to configure an IPSEC VPN Site to site from my ATP 500 (on the left) to a custumer network (on the right) I have been able to setup the VPN Gateway and connection but the customer requests that the computer of my LAN must appear to his network as using a specific ip that the customer give to me:174.100.4.24 Is there…
-
IPSec VPN Internet traffic (not) working
Hi, I have successfully configured IPSec VPN and my users have access to internal resources and to the internet. However, I would like for this internet traffic to be monitored (e.g. SSL inspection, Content filter, etc.) and I can't seem to figure out how to do that. I thought the policy route is a solution but regardless…
-
How to enable ICMP
How to enable ICMP to ping to IP: 192.141.xx.xx. I have the Flex 200
-
SecuExtender SSL disconnects after 2 minutes
Hello, I have problems in several ATPs when connecting through SecuExtender SSL.They connect without problems, but after 2 minutes it disconnects for no apparent reason.This happens with the latest update 5.30, and latest version of SSL SecuExtender 4.0.4.0 and on several devices, example ATP500 or ATP700. What can be the…
-
Webaccess vs SSl VPN
In regards to the security risk announced last friday, I'm pondering in how to go about restricting wan webaccess to the device from my wan ip without interfering with SSl VPN. Currently managing about 50 Companies with this setup. and they connect from many different IP's so i can't really add them all nor do i want to.…
-
Not able to log in to the VPN2S after Firmware upgrade
after unboxing I logged in and no problem to connect. the first otion was to upgrade sw. When trying to login after sucessfully upgrade, the login tells me that : 1.Turn on Javascriptand Cooki settingsinn your web browser. 2.Turn off Popup Windows Blockingin your browser. It has been nearly impossible to log in. how…
-
Something not right with DNS? Destination unreachable
Before I start its really
bugging me that I can't remove default DNS forwarders just saying! Zywall 110 and VPN300
firmware upto date This is what I'm see
when a PC by DNS to 192.168.53.1 VLAN53 to zywall 110 go to look up a
request with DNS forwarder * 192.168.53.2 to my BIND server. Its like the USG is
rate limiting…
-
USG Flex 200 - L2TP over IPsec, not working after firmware 5.30
Hello there After upgrading Flex 200 from firmware 5.20 to 5.30, our users cant sign in anymore. Anyone get the samme error. We are using RADIUS for Duo. If we create a local test-user in the Flex200, its works. But then our duo/2-factor not working Solution is to run users on the "Local" So radius is not working anymore.
-
Zyxel firewall does not show the Netflow section
I have a Zyxel firewall which, despite being monitored in SNMP, does not show the Netflow section. how do I whitelist?
-
ATP500: update from 5.21 patch1 to 5.30 and SSL VPN problem
Hi,after the update of the firmware of my ATP 500 from 5.21 Patch 1 to 5.30 we are facing some problems with SSL VPN access.Some users who before update were able to connect to the VPN and stay connected for long time, now, after a short while (usually a few minutes) are disconnected without any reason (see picture below…
-
Why the outside port don't work
USG40W Add of the internal ip adress 192.168.1.171 in the range of lan1 After Add of a service on a tcp port 8790 Add of a group and in these grp add the service. All was saved all seems like an other objet. No error encounters. Add of a nat rules : Apply button was pressed. Add of two policy rules : Port closed. could you…
-
Issues when upgrading from 5.21 to 5.30 when ATP 500 hardware is in HApro
Issues when upgrading from 5.21 to 5.30 when ATP 500 hardware is in HApro I click download updates from the server and updateThe passive ATP500 is being updated, the active hangs (but continues to work) Writes that the download is in XA and hangs for several hoursAfter that, it starts working without error, the active one…
-
Throughput on DMZ port without UTM
Hi My Internet connection has a raw download speed of 1 Gbit/s. When I run a speed test directly behind my modem without going through the firewall, I get a DL speed of around 870-930 Mbits/sec. If I run the same test connecting on port 7 of my USG110, where I have a security policy rule with no UTM service at all, the…
-
Error IPSec VPN 100
Hello everyone and first thanks for your help. I have a problem with an IPSec VPN on Zyxel VPN 100.This message appears in the log. My ISP is Orange Spain and ONT is connect directly on a my WAN interface.(Vlan20) Can you help me?
-
Right path update USG60 with old firmware
Hi, I have a USG60, current firmware V4.11(AAKY.2). It will not update the firmware, how can I make it right update to newest firmware? Many thanks. :)
-
USG110 - Unable to login. Forced password change causes "Simultaneous admin/access logons" error.
When accessing my USG110 today, it is requiring me to change the password. I provided a new password using characters I know are valid for the unit. Once I hit the apply button, I get the error message, "Simultaneous admin/access logons or users have reach the maximum number". The new password is also not saved at this…
