help USG20- vpn

baudetd
baudetd Posts: 40  Freshman Member
First Comment First Anniversary
in Security

Hello

I have a problem with a UGS20-VPN router.
and I'm really pissed off...

following an update to 5.36, it reset itself,

I therefore wanted to import the config but this one does not want it, it runs in endless loops.

How can we downgrade?

thanks very much !!!!

«13

All Replies

  • PeterUK
    PeterUK Posts: 3,391  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Reboot to the other slot firmware

  • Zyxel_Kevin
    Zyxel_Kevin Posts: 885  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 500 Comments

    Hi @baudetd ,

    Greeting Forum,

    Did you have serial console cable ? May I have remote session to check the issue today ?

    Please kindly provide teamviewer/anydesk if you are available. Thank you

  • WJS
    WJS Posts: 155  Master Member
    5 Answers First Comment Friend Collector Second Anniversary

    so device reboot itself endless loop ?

    If so, you should not be able to log in the GUI or CLI , you need to fix it it by console cable..

  • baudetd
    baudetd Posts: 40  Freshman Member
    First Comment First Anniversary 
    hello

Here is what I did to fix the problem:

the router had reset, I accessed the interface via the default ip address.
I downgraded the firmware to 5.35.

then I reinjected my config and it worked.


However, I still have some issues. when I connect to the interface, the cpu quickly rises to 100% and from time to time during the day I no longer have access to the interface and I have small vpn connection problems (because for information, I have 2 vpn to mount on 2 other ugs20)

    then I have a "gateway timeout".
as if overloaded

  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,377  Zyxel Employee
    100 Answers 1000 Comments Friend Collector Seventh Anniversary

    Hi @baudetd

    ZLD5.36 Patch 2 Firmware has released. This update includes fixes for vulnerabilities, ensuring enhanced protection for your device against potential security risks.

  • baudetd
    baudetd Posts: 40  Freshman Member
    First Comment First Anniversary

    are you sure i didn't have problem like the previous version 5.36

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,230  Zyxel Employee
    100 Answers 500 Comments Friend Collector Fourth Anniversary

    Hello @baudetd

    Because V5.36P2 has CVE fixes for CVE-2023-33009 and CVE-2023-33010 and according to the symptom you mentioned "gateway timeout", we strongly suggest you update to our latest V5.36P2 firmware.

    You can follow below steps to update firmware:

    Step 1: Disconnect the WAN port connection and reboot your device.

    Step 2: Access the device's Web-GUI using the LAN port.

    Step 3: Update the firmware to our latest version, V5.36P2.

    Thanks.


    241015_Speak-up,-Win-WiFi-7_Community-CSO-signature_1920x200.jpg

    Share your feedback through our survey, make your voice heard, and win a WiFi 7 AP! https://bit.ly/2024_Survey_Community

  • baudetd
    baudetd Posts: 40  Freshman Member
    First Comment First Anniversary
    image.png

    this is my router ,

    for update

    with file for 1 running and 2 standby ?

  • Zyxel_James
    Zyxel_James Posts: 663  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 100 Answers

    @baudetd you may upgrade to both partitions. I strongly suggest you backup the configuration file

  • PeterUK
    PeterUK Posts: 3,391  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary

    Are you able to unplug from WAN? If not add a block rule for VPN services to Zywall and reboot then upgrade standby to V5.36P2

Categories

Security Highlight


Read more

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)