-
all network card lights off
Hi, now i have another big problem; After a period where everything seemed to be working now this happens: the firewall works regularly for a while then the lights of the network cards go out and the only system is to unplug and restart the firewall because it does not connect to the web interface and not even ping.
-
L2TP VPN for USG40 not working IOS
Good morning, I have followed
many configuration guides but have not solved the problem. I need to connect
IOS mobile devices (versions 12 and 13) to the zyxel USG40 connected via WAN to
a modem / router. 1) Create VPN User
(Object / User tab) 2) Create WAN,
L2TP_POOL and LAN addresses accordingly (L2TP range TO BE…
-
Session limit causes loss of connectivity to web interface?
Hello, We have 2 ATP500's in HA configuration. This morning we had a widespread DNS outage on the client workstations. The Local DNS servers on the network were functional, so I went to check ATP logs, but the login screen failed to load. I did not think to try another connection method such as SSH or telnet. We turned off…
-
AP firmware check failed
Hi, I updated my USG110 yesterday with 4.35 since yesterday midday till today morning I got wihtin minutes following alert alertAP FirmwareAP firmware check failed. today in the morning I got following info and the alerts stops infoAP FirmwareAP firmware check successful. Available firmware: V5.40 Patch 1 -5.50(.1). Is…
-
Route through specific public IP
I'm trying to have a machine use a specific external\public IP address. I found the following article but I can't get it to work. https://community.zyxel.com/en/discussion/2325/force-public-ip-address Device is ZyWALL 110 v4.65 Trying to have machine1 use x.x.x.83 and machine2 use x.x.x.84 for example. When I try the steps…
-
IKEv2 Phase 1 proposal mismatch
Добрый день, пытаюсь настроить IKEv2 с Xauth, для подключение windows машин с использованием встроенного vpn клиента. При настройке L2TP over Ipsec (ikev1 вместе с L2TP) используя PSK проблем нет, как только переключаешь с PSK на сертификат возникает ошибка в логах "Phase 1 proposal mismatch", в windows журнале ошибка 809.…
-
USG210 NAT 1:1 howto
Hi, I have one provider and multiple public IPs. One of it is zywall address. When i whant to take some ports outside i do new NAT 1:1 port mapping to one of my IPs (not default). When i go to my server from the internets all is ok, but when i go outside, using this server, i go with zywall ip. I create new virtual wan…
-
Improve SSLVPN Access Security with Geolocations
Hi, Recently an update to our Zywall310, ATP500 and for all of our customers' systems started to display a message access was enabled through the WAN interface. Sounds legit because we use the SecuExtender. I am keen to improve the security and found only three geolocations can be provided. (Both in version firmware 4.70…
-
ATP700 + 2 WAX510D: from wifi cannot reach device on LAN
I've a ATP700 configured with a LAN1 setted on VLAN1. I configured a SSID on a TUNNEL ON VLAN1. If i connect to Wifi, i get the right IP address (192.168.50.53) through DHCP of LAN1 (192.168.50.1) however i cannot reach other devices on LAN (for example 192.168.50.3). I cannot uderstand where is the problem. I think there…
-
Unicast Use of the Formerly Reserved 127/8
So just heard this on
SECURITY NOW https://www.ietf.org/id/draft-schoen-intarea-unicast-127-00.html Should this go ahead
zyxel will need to change the network route in USG from 127.0.0.0/8
to 127.0.0.0/16 from what I read.
-
Upgrade USG 110 4.10 FIRMWARE TO 4.35 VERSION
Hi,I've planned to upgrade an older version Zyxel firmware model USG110 from 4.10 version to 4.35 version (latest is 4.60). I'm going to upgrade one by one from 4.10 to 4.11-4.13-4.15-4.20-4.25-4.30-4.32-4.33-4.35 whitout lost configuration, it is possible?. I don´t want to reconfigure. Thanks.Regards.
-
Upgrading Firmware for a USG60 from V4.15(AAKY.2) to 4.70(AAKY.0)
I wish to upgrade a long neglected USG60 to last fw released v. 4.70 (AAKY.0)Logging into the dashboard, I see the current FW is V4.15(AAKY.2).I'm wondering if I can upgrade directly to v. 4.65 (the oldest listed in library) and then to 4.70, or I need one (or more) previous firmware(s).In case, where can I find them?
-
Unable to unencrypt emailed config files from USG FLEX 500.
Greetings Support, My USG Flex 500 [FW: 5.10(ABUJ.0)] emails out the configuration file on a daily basis, with the Encryption password enabled. When the email arrives in I'm unable to unencrypted the file using the assigned password. Selecting the "unmask" button shows me the applied password, which is the same one I use…
-
Update USG40 firmware from 4.20 to latest
I want to upgrade the firmware on my USG40 from 4.20 to latest. I've registered an account and added my device. However I can't download latest firmware, nothing happens when I select the latest firmware marked green and click download. That got me thinking, do I need to first upgrade to 4.25 and so on, and work my way up…
-
Is NWA50AX compatible with USG60W?
Just wondering if the NWA50AX is compatible to use as access-point with the USG60W or if you have an updated list of compatible devices for the USG60W. Seem unable to find any info about that.
-
USG310 self reboot problem
Hi all, My USG310 have a self reboot problem with starting around April 2021 after upgraded to firmware version V4.62(AAPJ.0). The self reboot happened every 6 to 20 days randomly, but, interestingly, always at the scheduled time when it started generating the daily report. I have two units of USG310 configured in HA pair,…
-
ARP flood by Enable Connectivity Check for routing
Is their a setting
where I can disable ARP check then ping IP for Connectivity Check? I would like to use a
5sec check period but not to ARP the gateway and use last known ARP
check for the gateway. As I have 4 routing
rules and doing Connectivity Check it makes the Zywall 110 ARP every
second~ Also I'm doing the same
ping…
-
ZYWALL USG20 HTTP SERVER FAULT
HELLO TO ALL ... I HAVE A FIREWALL usg20 that they gave me, I reset it ... I access it with ssh and the login happens correctly ... when I access from the web server by typing 192.168.1.1 I am redirected to https: // 192.168.1.1/redirect.cgi?airp=192.168.1.1 getting the error "PR_CONNECT_RESET_ERROR" can anyone help me to…
-
MFA for VPN users (eg for non-SSL VPN with Zyxel client) - new news ?
This article is very big on buzzwords but light on details: [2021 Issue 06] Go Beyond VPN with Zero Trust in Hybrid Work — Zyxel Community Are finally getting MFA (eg with Google Authenticator, better Microsoft Authenticator) for VPN users, especially in non-Nebula firmware for USG and/or Flex units ?
-
Content filter ATP out of office
Hi everyone. I would like to be able to apply content filtering outside of the office. I need a safe browsing of my clients. Is there a possibility with DNS filtering? Thank's!!!!