Does the USG FLEX Series have Port Forwarding problems?
All Replies
-
Maybe I made some mistakes in the configuration but the Support had a chance to verify it and nothing came out.After I send all possible log, with no result.Regarding the behavior of the backup program, after some time it seems to fall asleep.Sometimes it resumes, other times, after a long period of activity, it generates an error, consolidates what has been saved and starts again.This with a small number of files. With a high number (not necessarily many MBytes) it crashes.I have to interrupt the communication to stop the Backup.With USG FLEX, every backup communication is like a rollercoaster as you can see in a previous image.0
-
I asked Synology Support to check the backup logs but nothing came up.
0 -
Hello @PaoloFracas
Thanks for your response.
(1). While the "rollercoaster " symptom appears, are there any block or drop messages on your Monitor Log of USG Flex100?
(2). Did you try to use another port (not TCP 51200 ) to backup files to NAS? Is it working for you?
(3). What is the "Synology Backup Program"? Where did you execute this program in your topology? From the internet? or LAN domain?
(4). What is your MTU size of USG40 and USG Flex100? Are they the same?
Thanks.Share your feedback through our survey, make your voice heard, and win a WiFi 7 AP! https://bit.ly/2024_Survey_Community
0 -
(1). While the "rollercoaster " symptom appears, are there any block or drop messages on your Monitor Log of USG Flex100?I have no messageI see something when the traffic restart but with no error (Port TCP 6182)(2). Did you try to use another port (not TCP 51200 ) to backup files to NAS? Is it working for you?The standard port of the Program is not the TCP 51200 but the TCP 6281The TCP 51200 is the port indicated by Zyxel Support which would appear to affect the Backup Program traffic when installing the USG FLEX 100There is no reference about that in SynologyThere is no reference with USG 40On wednesday I will change the default TCP 6182 and made a check.I can't do that before.If I can I send you a message.(3). What is the "Synology Backup Program"? Where did you execute this program in your topology? From the internet? or LAN domain?The Program is "Hyper Backup" and I execute that from Internet.
Is a Backup from remote site to internal network.(4). What is your MTU size of USG40 and USG Flex100? Are they the same?
Thanks.I will answer you on wednesday.I can't check the USG FLEX 100 at the moment but I think it is 1500 (for sure in the USG 40 - WAN Port)Thanks to you.
1 -
I'm a bit confused.
You have a group for Hyper Backup Vault. That's fine. It's a group of two TCP Ports. So why there are two port rules for the forward?
In my personal opinion, this should be the NAT rule.
and this one, if wan related, the Security policy rule. Source WAN, destination LAN1. But whatever...
(seem the images have been shrinked. sorry abot bad quality)0 -
What do you mean when you say "two port rules".
Do you refer to the highlighted element?
0 -
You have two NAT entries.
The first one is "Hyper_Backup_Vault" as external port and as internal port (I don't know why, the first one is not considered object, but whatever) Then the second one, with "TCP_6281" ad external and internal port; both seems considered objects.
But. Into the object "Hyper_Backup_Vault" you already have port TCP_6281, plus port TCP_51200; this arrangement in 99.9% of case should not create any issue. However, there should be at least one Security policy for allowing comunications. Or a rule with both services allowed (using the "Hyper_Backup_Vault" service group object) Or two rules, one for port TCP 6281 and one for port TCP 51200.I don't remember if ZLD 5.x (the latest firmware generation) allows to write down security policies with manually written ports.0 -
The second ("TCP_6281") is an inactive rule.The first I created.
0 -
The Security policy rule is present.
At the moment I can't send you the image because I'm out of office and the USG 40 is in.
The USG FLEX 100 is off.
0 -
Would you please delete the inactive rule and try again?
BWM is enabled in USG Flex 100? Is there any other payed service enabled?
(when you'll have time and occasion to test)0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight