VPN dashboard wrong (5.32)

Options
mMontana
mMontana Posts: 1,338  Guru Member
First Anniversary 10 Comments Friend Collector First Answer
edited October 2022 in Security
The device has 4 VPN Gateways
two are site to site, client role. Two are dynamic peer to site, server role.
4 connections are setup.
One up and running, other three (with related gateways) are disabled and unconnected.
Neverthless...
I have a "top 5 DPD fail" and "top 5 connectivity fail" for disabled gateways and connection.
So this is not correct, nevertheless not totally wrong.
However.
how on earth, or under which chemical substance the software tells me that there are two site to site tunnels connected?

Seriously?

Device is USG20-VPN (now rebadged USG 50 Flex, still cannot buy it) installed first time with 4.x firmware (don't remember which one, sorry).
«1

All Replies

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,374  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Hi @mMontana
    This symptom fixed in ZLD5.32 firmware.
    Please have a try to upgrade to latest version and check if it is helpful.
  • mMontana
    mMontana Posts: 1,338  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited October 2022
    Options
    As my experience is not fixed.I've seen the issue after updating to 5.32.

    I am not aware if it was present before the update.
    I verified with two different browser, opening the interface after enabling inPrivate/Incognito mode.

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,374  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Hi @mMontana
    The symptom doesn't happen in my test result. I will send you private message for further check. :)
  • mMontana
    mMontana Posts: 1,338  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Up.
    Link for diagnostic data sent few days ago.
    File still wasn't downloaded.
    Any news?
  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,374  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    edited November 2022
    Options
    Hi @mMontana
    We need your help to arrange remote HTTPS conenction for further check this issue.
    If it is possible, please forward it by private message to me. :)
  • mMontana
    mMontana Posts: 1,338  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    As answered the first time, customer did not allow me to remote connection. I'll try again for permission but I'm not confident for a positive outcome
  • mMontana
    mMontana Posts: 1,338  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Answer for remote access is "no" and it's final.
  • mMontana
    mMontana Posts: 1,338  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited November 2022
    Options
    Update.
    Counter reached 420 VPN connections out of 20 max available; in fact, there was only one Site-to-site connection enabled and nailed up; firmware was still 5.32 as screenshot, standby partition contained 5.32WK41.
    The only connection worked everytime, maybe the counter got up anytime it falled and back up; I was trying to add a VPN connection on the same gateway and was not working.

    Rebooted with 5.32WK41.
    Now I re-created the same VPN connection on the existing gateway it from scratch and started at first shot (I tried hard to understand why it was not working).
    Need to try to re-add also some other objects that are needed, standby partition was updated several weeks ago but never rebooted the firewall.
    Anyway, I'll keep posted for updates.
  • mMontana
    mMontana Posts: 1,338  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    After more than 100hrs of uptime, the VPN count is stable.
    Even if a connection is forcely closed (1 gateway, 2 connections/subnets), the VPN count is kept consistent (only 2 tunnels).
    Still on 5.32 WK41 firmware..
  • sandra_sa
    Options
    I had faced a similar issue, and I thought it was a generic glitch, so I gave it a rest.  :'(

Security Highlight