USG 50 Defaul Wan_Device Policy
Hello, I am having great difficulty with my ISP not authenticating my USG Flex 50. They have suggested I make sure PPP traffic is allowed through the WAN interface and have provided me with the gateway of the PPPoE session (100.64.x.x) so I may allow traffic from that address through the firewall.
Any pointers on how I would do that?
Thanks in anticipation.
All Replies
-
Unless you have got some complex configuration added to your device already, I recommend resetting your USG50 to factory defaults, then restart the USG and run the Setup Wizard to get the correct settings for your PPPoE connection (make sure you select the correct options based on what information the ISP has provided).
Should there be any issues during the configuration, reset your USG50, reboot and run the Setup Wizard again. That is normally enough to get the correct ISP connection settings. Make sure you have got your USG 50 User Guide available, either the paper copy shipped with your device or a PDF copy to read on your phone or tablet.
0 -
Thanks for thre reply. I have done as you say a few times. The ISP can see a handshake but after that no connection is made. I am in a limbo land where the ISP say its not them but I can see no reason why a standard set up as you suggest should fail to work.
I purchased a Zyxel Plex 50 as that is the make the ISP recomends and indeed that is the make of theirstandard issue router.
Any other thoughts?
0 -
Does the PPP for PPPoE show connected icon?
The default rule from LAN1 to any should allow everything
can you ping 1.1.1.1 on PC?
does your ISP list settings you need to do in object > ISP account WAN1_PPPoE?
authentication, compression?
0 -
No - the light bulb is orange but the connected icon is greyed out.
Pinging 1.1.1.1 receives a reply and "Destination net unreachable".
I have been through the config with the ISP and even obtained a fixed IP. Compression is off at their direction and as I understand it there is no way to turn encryption off because thats the RFC standard for PPPoE.
Their supplied router (DX3301-T0) works fine but the USGPlex 50 as well as a Draytek Vigor 2865 both fail to authenticate.
Im at a loss.
0 -
@MikeT344 How about the authentication type, did you verify the type with your provider? and make sure if a VLAN tag is needed?
Moreover, please run a packet capture, I would like to check the PPP negotiation packets, thanks.
0 -
Authentication type PAP/CHAP "should be fine". No VLAN tag.
How may I send a .cap file to you?
0 -
I am sending screen capyure in pdf together with the error code on initial connection test after wizard set up.
Does this give you what you need?
0 -
@MikeT344 Please provide the packet captured of the PPPoE negotiation, you can contact me via private message, thanks
0
Master Member
Guru Member
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.5K Nebula
- 152 Nebula Ideas
- 101 Nebula Status and Incidents
- 5.8K Security
- 296 USG FLEX H Series
- 281 Security Ideas
- 1.5K Switch
- 77 Switch Ideas
- 1.1K Wireless
- 42 Wireless Ideas
- 6.5K Consumer Product
- 254 Service & License
- 396 News and Release
- 85 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.6K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 87 About Community
- 76 Security Highlight
