Registration refresh fail

PeterUK

I get “Unable to connect to myZyxel.Try again later.”

Not sure how far back this has been failing my ZyWALL 110 seems fine however.

I have a VLAN setup on both ZyWALL 110 and USG40 to do the registration for each.

ZyWALL 110

interface type external

VLAN 443 base port lan 1

IP 192.168.44.1

subnet 255.255.255.248

gateway 192.168.44.2

routing

incoming vlan 443 next hop opt SNAT outgoing-interface

-------------

USG40

interface type external

VLAN 443 base port lan 1

IP 192.168.44.2

subnet 255.255.255.248

gateway 192.168.44.1

routing

incoming vlan 443 next hop opt SNAT outgoing-interface

The Registration for both can't go out of the OPT port but by going through VLAN 443 ZyWALL 110 goes from 192.168.44.1 to gateway 192.168.44.2 of USG40 to internet and the Registration works but for some reason and this may be due to a firmware change that affect the USG40 but not ZyWALL 110 will not USG40 goes from 192.168.44.2 to gateway 192.168.44.1 of ZyWALL 110 and does not do the registration.

Both ZyWALL 110 and USG40 are on V4.32.

My thinking is that the USG40 is not trying to go down the vlan 443 to get internet by ZyWALL 110 but ZyWALL 110 is working fine. I will try to roll back the firmware to find when this strated happening.

Zyxel_Stanley

Hi PeterUK

After we checked the reason on your configuration, the issue is coming from the link-sticking.

The link-sticking will keep the routing few mins when source and Destination IP address are some.

But it can resolve by add custom trunk, and setup interface with higher priority which you want passed.

PeterUK

Success I rolled back to V4.30 and can see the registration refresh using VLAN 443

but this does need to be fixed in the up coming firmware.

Zyxel_Stanley

Hi @PeterUK  

The registration session Is initialed by device itself.

So no matter how many interfaces are configured on device, it will choose the best path to internet....In your scenario that should be OPT port but not VLAN interface.

This situation should coming from the device is unable reach the internet or DNS query not gets response yet then caused device unable reach myzyxel.com server at that moment. (otherwise the log will shows: Connect to myZyxel has failed.)

So you can make sure your DNS setting first and re-sync with myzyxel.com server again.

May we know is configuration changed after downgraded to 4.30?

PeterUK

My DNS is fine as said all works fine in V4.30 in V4.32 its not trying all the interfaces which is VLAN 443.

there are no config changes between V4.30 to V4.32

I get “connect to myZyXEL.com server failed.” on V4.30 for the USG40 some times now the issue is its not trying all interfaces correctly when it times out on one interface to try another but the ZyWALL 110 seems fine so must be two different sets of code handling between the two.

I have a Wireshark of it working with VLAN 443 if needed

I try rolling the firmware back more but it seems to work once the device is rebooted but fails after that logs show category "myZyXEL.com" message "a connection timeout occurred".  

PeterUK

So I have come to the conclusion its a bug for the USG40 the issue is its not trying all interfaces correctly when it times out on one interface to try another interface. So what you say?

You can test this by opt port to internet and limit it to connect to myZyxel upstream when having a VLAN to the internet and see it trying on opt and failing and it not trying the VLAN. The ZyWALL 110 does not have this issue and does try the VLAN.

 

Zyxel_Stanley

Hi @PeterUK
I will send you private message to check this issue more detail.

Zyxel_Stanley

Hi PeterUK

After we checked the reason on your configuration, the issue is coming from the link-sticking.

The link-sticking will keep the routing few mins when source and Destination IP address are some.

But it can resolve by add custom trunk, and setup interface with higher priority which you want passed.