VPN dashboard wrong (5.32)

mMontana
mMontana Posts: 1,070
1000 Comments 25 Answers Friend Collector Third Anniversary
 Guru Member
edited October 2022 in Security
The device has 4 VPN Gateways
two are site to site, client role. Two are dynamic peer to site, server role.
4 connections are setup.
One up and running, other three (with related gateways) are disabled and unconnected.
Neverthless...
I have a "top 5 DPD fail" and "top 5 connectivity fail" for disabled gateways and connection.
So this is not correct, nevertheless not totally wrong.
However.
how on earth, or under which chemical substance the software tells me that there are two site to site tunnels connected?

Seriously?

Device is USG20-VPN (now rebadged USG 50 Flex, still cannot buy it) installed first time with 4.x firmware (don't remember which one, sorry).
«1

All Replies

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,216
    100 Answers 1000 Comments Friend Collector Fifth Anniversary
     Guru Member
    Hi @mMontana
    This symptom fixed in ZLD5.32 firmware.
    Please have a try to upgrade to latest version and check if it is helpful.
  • mMontana
    mMontana Posts: 1,070
    1000 Comments 25 Answers Friend Collector Third Anniversary
     Guru Member
    edited October 2022
    As my experience is not fixed.I've seen the issue after updating to 5.32.

    I am not aware if it was present before the update.
    I verified with two different browser, opening the interface after enabling inPrivate/Incognito mode.

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,216
    100 Answers 1000 Comments Friend Collector Fifth Anniversary
     Guru Member
    Hi @mMontana
    The symptom doesn't happen in my test result. I will send you private message for further check. :)
  • mMontana
    mMontana Posts: 1,070
    1000 Comments 25 Answers Friend Collector Third Anniversary
     Guru Member
    Up.
    Link for diagnostic data sent few days ago.
    File still wasn't downloaded.
    Any news?
  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,216
    100 Answers 1000 Comments Friend Collector Fifth Anniversary
     Guru Member
    edited November 2022
    Hi @mMontana
    We need your help to arrange remote HTTPS conenction for further check this issue.
    If it is possible, please forward it by private message to me. :)
  • mMontana
    mMontana Posts: 1,070
    1000 Comments 25 Answers Friend Collector Third Anniversary
     Guru Member
    As answered the first time, customer did not allow me to remote connection. I'll try again for permission but I'm not confident for a positive outcome
  • mMontana
    mMontana Posts: 1,070
    1000 Comments 25 Answers Friend Collector Third Anniversary
     Guru Member
    Answer for remote access is "no" and it's final.
  • mMontana
    mMontana Posts: 1,070
    1000 Comments 25 Answers Friend Collector Third Anniversary
     Guru Member
    edited November 2022
    Update.
    Counter reached 420 VPN connections out of 20 max available; in fact, there was only one Site-to-site connection enabled and nailed up; firmware was still 5.32 as screenshot, standby partition contained 5.32WK41.
    The only connection worked everytime, maybe the counter got up anytime it falled and back up; I was trying to add a VPN connection on the same gateway and was not working.

    Rebooted with 5.32WK41.
    Now I re-created the same VPN connection on the existing gateway it from scratch and started at first shot (I tried hard to understand why it was not working).
    Need to try to re-add also some other objects that are needed, standby partition was updated several weeks ago but never rebooted the firewall.
    Anyway, I'll keep posted for updates.
  • mMontana
    mMontana Posts: 1,070
    1000 Comments 25 Answers Friend Collector Third Anniversary
     Guru Member
    After more than 100hrs of uptime, the VPN count is stable.
    Even if a connection is forcely closed (1 gateway, 2 connections/subnets), the VPN count is kept consistent (only 2 tunnels).
    Still on 5.32 WK41 firmware..
  • I had faced a similar issue, and I thought it was a generic glitch, so I gave it a rest.  :'(

Security Highlight