-
Failover setup
Hi All, I have the following: USG210 with two internet connections. Two different providers. WAN1 has static IP, WAN2 has static IP with PPPoE. I want to use WAN2 as the primary internet connection and when WAN2 fails to connect, WAN1 should take over. I watched a couple of videos of how to do this, but every time I get…
-
USG1100 APC + NWA1121-NI access point. Can't add the AP
I have a wireless LAN (15 AP's) controlled by the APC onboard on the USG1100 firewall. I need to add a new AP (NWA1121). I have assigned to the AP the right local IP, configured the switch port (I have a VLAN) but when I connect the AP to the port nothing happens. Am I wrong or the controller must recognize automatically…
-
Site to site bug or limitation
Zywall 110 V4.70(AAAA.0)ITS-WK46-r102519 VPN300 V5.20(ABFC.0) So was playing around as packet loss bug is being looked into if I could route internet traffic down a site to site tunnel this is my setup with OPT on the Zywall 110 for the internet: added some routing
rules... ...and 192.168.255.50
send ping 1.1.1.1 to…
-
ATP 800 screen freezes, while configuring application patrol policy
Hi there, Recently we are undergoing implementation of ZyXEL firewall ATP800 along with multiple switches in an enterprise customer. The ATP800 has Firmware version V5.20 (ABIQ.0), which was updated on 04 Jan 2022 Background: Customer has asked us to block all categories and its applications within application patrol. They…
-
USG210 Firmware 4.71 newer, older or equal to latest WK08 build?
Hallo, can someone explain me if officail 4.71 does have the same fixes as WK08? Which one should i install? Thx
-
USG40(Unified Security Gateway) with SP350E
Hi, how can i connect or link the SP350E to USG40? base on the manual, you have to go to Configuration > Hotspot > Printer Manager > but i cannot find this in USG40 Unified Security Gateway. Thanks in advance for your answer.
-
How to fix these xl2tpd errors?
How to fix these xl2tpd errors? How to fix these xl2tpd errors? l2tp/ipsec connection. I use xl2tpd along with strongswan. Strongswan is rising, everything is ok. I see myself connected to the gateway via ipsec. Further xl2tpd, I receive errors. Ubuntu 20.04 Server/Vpn gateway zyxel l2tp over ipsec/strongswan/xl2tpd Jan 31…
-
Why does the apt100 will not send the configuration file?
Bevor the atp100 will send the configuration file to a e-Mail adress. Since two weeks it is not sending. The daily report file is sending correctly. Where i must config that the apt100 send the configuration File?
-
Block all GEO IPs execpt one
Hi All, Is it possible to block all GEO IPs except one?I know it is possible to deny a GEO IP, but I have to add all of them, which is very cumbersome. I have an USG40 and USG210.I hope someone can help me. Thanks in advance.Peter
-
USG FLEX 100 - GEO block seems doesn't work
Dear all, could you please help me with the next question I have USG FLEX 100 V5.20(ABUH.0), configured GEO_BLOCK deny policy (priority 2) from WAN to any (Excluding ZyWALL) for sources IP including China. (action - deny, log - no) but in the log I see: This is why I assume my policy doesn't work properly. Why the rule id…
-
VPN on 192.168.1.x subnet issues
Big client with this setup: 1. Internal network, 192.168.1.x 2. Having AD, DNS and so forth internally 2. Site-to-site VPN to hosting center, with replication of above servers. 3. Employee IP-sec VPN, with MFA through e-mail. The issue: 1. 192.168.1.x is often the employees subnet as well. 2. Some employees cannot reach…
-
Can't get to 123.hp.com if client goes down a GRE tunnel
So posting this out of
ideas about the issue here. https://community.zyxel.com/en/discussion/10698/mtu-size-on-syn-packets#latest So client set for MSS
1460 on USG60W gets a IP on LAN1 192.168.254.128/25 the LAN1 is MTU
1500 a routing rule from LAN1 next hop tunnel0 gateway 192.168.254.1
to Zywall 110 on OPT with tunnel0…
-
Why does it say my Geo Enforcer license is about to expire?
VPN100 - I purchased a new Content Filter 2.0 license but Geo Enforcer still says it is about to expire. Isn't Geo Enforcer still a part of Content Filter 2.0? I do not see a separate Geo Enforcer license available for purchase anywhere in the United States.
-
ZYWALL USG 20 KEEPS REBOOTING
I've been using my Zywall USG 20 for many years without any problem. In the last few weeks it keeps rebooting, randomly, every 10/20 minutes. No changes have been made to the firewall configuration, it's still got the original firmware. I tried to replace the power adapter, but the problem is still there. Any suggestions?…
-
MAC Filter on USG40W
Dear All,on CONFIGURATION MENU (Expert mode) path "OBJECTS, APP, SSID, MAC FILTER LIST" I can edit a MAC address list to deny access at specific MAC pc address, but from SSID LIST i can't enable the MAC FILTERING function just created (the massage is ONLY EASY MODE). In the Easy mode there is no way to edit the SSID to…
-
Security Advisory posts: some thing that could be improved by my point of view.
First of all, thanks for keep listening to the security experts providing Zyxel info about vulnerabilities. But the way of info is published keeps lacking of simplicity, clarity, useability. 1: the advisory (link here) do not provide the list of the devices affected. The list is available in a separate page (link here). 2:…
-
Zywall110 IP binding by ddns
I'm trying to bind a NAT incoming source IP using ddns, and don't see a clearcut way to do this. The user needs to ssh in, and for various reasons VPN is not going to be used, however they are on a home IP, so their public IP changes which can be resolved with ddns on their end. If ddns was an option for binding I the…
-
How to configure Email Security for Phishing mail?
Hi,ATP 100/200/500 with firmware 5.20 do not have flag mail phishing options as shown in your guide https://community.zyxel.com/en/discussion/3350/how-to-configure-email-security-for-phishing-mail
-
Any use of USG20?
Hello everybody A newbie question - at customer's found an USG20 box, FW 3.30(BDQ.9). Nobody remembers who installed it. Now it is used as a border between LAN and Wireless LAN, no connection to WAN. No licenses installed. Is there any sense in putting it into service at a proper place as firewall (they use soft firewall…
-
Propper IGMP setup for home network - USG40, GS1920
I have a USG40 and GS1920. I am told by a device mfg (Bluesound) to enable IGMP support. 1.) is this generally a good idea/best practice? any downside? Security? USG40 2.) if yes to 1.) how to do it. I have to Ethernet config's. One for the internal network and one for the CableModem. I am assuming I only would enable for…