USG FLEX 100 - 5.39: Loss of Internet Access after update
Freshman Member
Had a unit auto-update this morning and since restart has not allowed internet access. No internal devices (LAN or VPN) show any logs for WAN access, even with the security policy set to log for approved and deny. Was working perfectly fine until the update.
No errors found, no config was changed, only the firmware update.
Prevents WAN from VPN, only shows a DNS request to the Zyxel and then it stops (the DNS return works, resolves on client requesting info).
All Replies
-
Must be a feature your using to cause this my Flex 200 is up and running on 5.39 VPN site to site up
You can try a reset then apply config with "Ignore errors and finish applying the configuration file"
1 -
It appears it may be related to VLAN WAN connections.
Our primary connection is sent via VLAN from a head router at this location.
The USG can ping, trace, lookup, speed test, etc.Anything "behind" the USG will not access any external/WAN connections.
Making this much odder is that the log shows no entries for forward/block (all in/out is logged, confirmed.)0 -
Try adding a routeing rule incoming LAN next hop VLAN WAN
0 -
Create a policy entry and it does work, but is has to use the specific interface.
This unfortunately will remove our redundant connection (cellular modem, WAN2/opt).
So there is certainly an issue with the update, hopefully gets fixed quickly. Will possible revert back to 5.38 and disable auto update. The consequences of security sometimes
0 -
So are you using Default system Trunk?
What if you make a User Configured Trunk with cellular modem, WAN2/opt with the routing rule with next hop that trunk?
0 -
Negative, custom trunk. Each connection has connection checking, primary (VLAN) as active, secondary (WAN2/opt) as passive. As specified in guides.
0 -
Hi @MikeForshock ,
To better assist with the issue of losing Internet after updating to the 5.39 firmware, please download the diagnostic file and send it to me privately by clicking on my account and selecting "Message."
Share your feedback through our survey, make your voice heard, and win a WiFi 7 AP!
0 -
Just curious if there are any updates on this issue?
I am interested in the outcome here since we use a similar setup at some of our clients: a VLAN interface for cellular backup connection, in a custom WAN-trunk with wan1=active, vlan1001=passive
Just noticed this thread, I have not had a chance to upgrade/test our setup yet…
0 -
How can I send this over with the credentials stripped?
Literally has every password, two-step, psk, certificate, etc.I would be okay with a remote session so you can see the config via my system, only with a tool we can limit file & clipboard sharing. Contact and we can work that out.
0 -
As of yet, no solution.
All the other non-VLAN routers updated without issue. Luckily!0
Guru Member
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
