-
Log Entry : Policy featurer
Hello,can someone explain me log entry :2022-06-15 19:41:05 ,,, debug, web-authentication, INTERNAL ERROR ,,,, Auth. Policy featuer is disabled Yesterday I blocked my IP address due to a bad password (I deleted it using: Router (config) # unlock lockout-users W.X.Y.Z). I search log and find this message through years,…
-
Simple question about USG 1100 and active directory 2019 or 2022
I See that SSO Agent has benn deprecated. (https://support.zyxel.eu/hc/en-us/articles/360015338620) Parhaps, is now USG 1100 (with last firmware) compatible with Active directory 2019 (or better 2022)? I didn't find any info about windows server version, every document uses the generic term "Active Directory" many thanks
-
firmware automatically upgraded even if auto update is disabled
Hi,yesterday we have found the firmware on two of our usg60 FW updated to version V4.72(AAKY.0) / 2022-04-28 23:20:15, even if auto update feature is not enabled.This lead to a misconfiguration of our vpn setup ( the port of the Authorize Link URL Address was modified ).Does anyone have an explanation for this?…
-
USG310 Slow speed site to site vpn ipsec
Hello,we have just acquired 2 Zywall usg310 to replace our USG60 in order to increase the speed of the vpn between the 2 sites. The problem is that we do not exceed 36Mb/s while our old USG60 exceeds 90Mb/s we have two symmetrical 600Mb/s FTTH Link, do you have any idea? Config :BWM disabledFirewall disabled Phase 1 (Vpn…
-
Port forwarding - wan IP is shown instead of source IP
I set up port forwarding on the ATP200 to receive port 25 to an email server. Upon receiving an email, the email server shows the atp200 wan ip address instead of the actual source IP. How can I fix that?
-
ATP100W wpa ssid not working
Hi all I have configured some atp100w and never encounter wifi problems. But on one of them I setup two ssid one for guest which is open and it works well. Device like phone and computer connect to them and got an ip adress on another lan (pool). The second one is a pro ssid. Used to be internal of the office Lan to have…
-
IPsec VPN with NAT
We are soon to start using a software system that is hosted by the softwre supplier. To allow our staff to connect to it they require us to set up a site-to-site VPN. I've never done this before but have read the tutorials and I think I'm OK with the process of setting up the VPN Gateway and Connection. However, they have…
-
Zywall 110 Firmware Update Question
Have a Zywall 110 with firmware V.4.20 (AAAA.1) The latest is 4.72. Is it safe to deploy or are there intermediates first?
-
Unable to finish 2FA setup with Google authenticater.
I have an Zywall USG 60 with PIN code by SMS/Email setup as 2FA. I want to change it to the Google authenticator 2FA, but when i scanned the QR code and try to finish the last step with the 6 digit code I get the following error message : we are not able to verify your code. I tried already to delete the account in the…
-
How to block Port 0
I have a USG210. When running port scans on the WAN side, Port 0 shows as: "Closed. Your computer has responded that this port exists but is currently closed to connections." Is there a way to completely block this port, so the IP shows as completely stealth? Thank you. Clippies of scan from GRC Shields Up attached...
-
VPN Server role IKEv2 broken as far as I can tell
Following another post
about this have made my own post https://support.zyxel.eu/hc/en-us/articles/4411498192914 Android 12 and ikev2 — Zyxel Community Tested on USG60W
V4.71(AAKZ.0) and VPN300 V5.21(ABFC.0) Phone tested with Sony
Xperia 5 II Android 12 I have tested every
setting I can think of but get: Receiving IKEv2…
-
2FA Google Auth time sync issue
Hi all... this is a question (not a issue yet).. Google auth as 2fa for VPN works well, but: what if the mobile with Google app is in a different time zone than USG/ATP? Android App has a function "Time Correction" (not sure it's the correct name), but as far as i know IOS version doesn't. Has anyone tried this scenario…
-
USG 210 - weird behaviour during WAN failover
Hi community, this is my first post here. I'm playing with a Zyxel USG 210, I'm trying to configure properly the WAN failover feature. We have 2 WAN connection, WAN1 is pure ethernet with static IP, WAN2 is a PPPoE connection over VLAN 100, which parent's interface is WAN2. Connectivity check is also enabled on both WAN1…
-
Usg Flex 200 Secuextender SSL Vpn
I'm using SSL VPN on USG200Flex but is disconnected after 24hours, is there anyway to make it always on? If not is there a script to reconnect automatically?
-
Usg210 ike v2 vpn connection with samsung s22
Hi The new android phone support only ike v2 VPN. I try config vpn server role, but not work... I try with certificate and with only password...but i have a problem to connect. I install StrongSwan app...but i have same problem. Have you a tutorial for vpn ike v2 for android phone? Thanks Manuel
-
How do I force delete an IPSec VPN user?
I have an IPSec VPN user that shows active that I need to delete. I get error 3004 when I try to delete the user. Can I force a logoff and then delete? Thanks
-
Traffic log data are not displayed in VRPT 4.0
I have Zywall 310. After upgrading the firmware from 4.65 to 4.71, Traffic Log data stopped appearing in VRPT 4.0. Errors listed in the VRPT server log: 2022-06-03 02: 00: 41,106 ERROR (ZldSyslogParser.java:257) - Invalid LOG: 2022-06-03 02: 00: 41,106 ERROR (ZldSyslogParser.java:258) - <142> Jun 3 02:00:41 2022 zywall src…
-
unable to register my newly purchased device
When i try to register device in the myportal. It gives an error the device is already registered
-
LAG rate limit
VPN300 V5.30(ABFC.0) I have setup a LAG
bridge between LAG0 and LAG1 because I can and on LAG1 I limit egress
to 92160Kbps and this works fine just so you know, but this is the bit I don't get you normally LAG two or more ports to get more speed (if say your ISP gives you 1.5Gb) but you can't seem to set the LAG speed…
-
forward trafic between vpn tunnels
Hello I have this configuration vpn2s in a remote sites ( a lot) vpn100 in main office azure gw at Microsoft I cannot create vpn tunnel directly from remote sites to azure as I do not have so many concurrent IPsec tunnels in azure, so I need to use the main office vpn 100 as concentrator between remote sites and azure Also…