Firmware for ZyWALL 2 Plus

lucrus

Hello, I'm new here, new job, new legacy hardware to manage... so here is this old ZyWALL 2 Plus and I'd like to update its firmware. However this model is not listed into MyZyxel portal.

Where can I find the firmware for it?

PeterUK

You likely have the upto date firmware

Very old the FTP server has gone support out the window you should look into a newer model.
VPN Firewall | Zyxel Networks

lucrus

PeterUK said:

You likely have the upto date firmware

Very old the FTP server has gone support out the window you should look into a newer model.
VPN Firewall | Zyxel Networks

I'm afraid I have not the latest, because I have a release from year 2009 and, from a google search, it looks like there exists at least a release from year 2014 

mMontana

I personally doubt about 2014.

According to files in my possession, latest released is "named" 4.04 XU.11, it's dated february 2011 and release notes are signed by Mr Billy Bian.

Datasheet reports 10/100mbps ports, 3000 concurrent connections, less than 25MBPS of throughtput, 5 IpSec tunnels, bare AES128 support.

It's old, fainting, vulnerable and venerable device. A SOHO router out of support like VPN2S has better performances, more options, less unpatched vulnerabilities and can be managed via modern browser. You love it as a museum toy? Fine by me, I have one too.

Don't consider to install it. By different orders and degrees, is a really bad idea.

Zyxel_Cooldia

Hi @lucrus,

Welcome to Zyxel community. The latest firmware is 404XZ0D0.bin. i can send it in PM if you need latest firmware.

We strongly recommend replacing ZyWALL 2 Plus since it is phase out and no firmware maintenance.

lucrus

mMontana said:

I personally doubt about 2014.

According to files in my possession, latest released is "named" 4.04 XU.11, it's dated february 2011 and release notes are signed by Mr Billy Bian.

You're right, the latest it's a 2011 release, but even then it's 2 years younger than the 2009 release I have.

mMontana said:

Don't consider to install it. By different orders and degrees, is a really bad idea.

Fact is, it is already in production since then, I'm only supposed to take over its maintenance. It's actually doing its job, no reason to replace it (except maybe security wise, but it's only running a small LAN of trusted computers).

Zyxel_Cooldia said:

The latest firmware is 404XZ0D0.bin. i can send it in PM if you need latest firmware.

Please do.

Zyxel_Cooldia said:

We strongly recommend replacing ZyWALL 2 Plus

I'm not in charge for that decision here, but I'll report that suggestion upstream for sure, thanks.

mMontana

Fact is, it is already in production since then, I'm only supposed to take over its maintenance. It's actually doing its job, no reason to replace it (except maybe security wise, but it's only running a small LAN of trusted computers).

I'm pretty sure that it's doing fine: as I sad i have one of that and served as internal router (after the CPE for splitting traffic and avoid nose picking from the ISP) for 4 years from 2016 (which was already out of support and strongly suggested to not use it). I criticize Zyxel but on firewall the hardware is really resilient and reliable.
However if that device is publicly reachable in any way is like driving a car without MOT/Vehicle approval. It works, is doing what's intended to, but when I's time for police checks (certifications) or accidents (security breakouts) might unreasonable the level of hassle. Every device behind that firewall is in heftier and greater risk than with a newer one.
As the one supposed to maintenance that, you're like the car mechanic that make that car run. IMO you should not allow that because it will bring you complicity for some issues. If you maintain an equipment which is unsafe, some laws might consider you co-liable for the fallout.

I'm not in charge for that decision here, but I'll report that suggestion upstream for sure, thanks.

You can still request for dated and signed exclusion of liability if anything happens under your maintenance duty about that device.

lucrus

mMontana said:

However if that device is publicly reachable in any way...

It's not. At least not  directly. An attacker has to hack other routers before reaching that one, and, in that case, said attacker hacking that one would be the least problem.

mMontana said:

If you maintain an equipment which is unsafe, some laws might consider you co-liable for the fallout.
You can still request for dated and signed exclusion of liability if anything happens under your maintenance duty about that device.

Thanks for the heads up, but at least here in Italy that resembles a sci-fi by a screenplay writer used to get high during work hours... believe me, none of that is going to happen here, at least not in the somewhat smallish company I work for. 

AlbertoMantovani

hi - if possible

pleas sesend me too the latest zywall 2 plus firmware - i'm in

Model	ZyWALL 2 Plus
Bootbase Version	V1.11 | 07/12/2006
Firmware Version	V4.02(XU.3) | 07/31/2007

and my purpos is only for study and test and lab.

Thanks

Alberto

Zyxel_James

@AlbertoMantovani Please check your inbox, thanks.