Real DMZ type 2.1 broken in V1.3

PeterUK

USG FLEX 200H V1.30(ABWV.0)

Well this is sad in V1.21 the traffic blocking worked fine but in V1.30 there is session dropping for the bridge due to how Real DMZ type 2.1 works. So what will happen is you can get to a site fine but then oven time the FLEX200H drops the session causing loading for the connection to restart in loading things like anything a simple test is GRC.com DNS Nameserver Spoofability Test you run it then at the end it should show right away Query distribution but there is a delay.

Here is a setup of how real DMZ type 2.1 is and was fine with V1.21 I would really appreciate it if this could be fixed or a option by SSH I don't know about thanks.

VLAN443 is on port 4 of FLEX H for internet by other real DMZ setup

Zyxel_Melen

Hi @PeterUK,

Since your DMZ setup is more complicated than the normal setup, we will ask for a remote to check the traffic flow for this issue.

In addition, I have tested V1.30 with a normal DMZ setup, the DMZ works well.

PeterUK

hi Melen

So they are looking in to it under case #466656 so see what they say then if your still interested I give you remote access to V1.21 that works and you can switch to V1.30 to see the TCP session problem with a simple test which is

http://www.httpvshttps.com/

test to HTTP then HTTPS wait 20 seconds click HTTP test again and it stalls with a delay loading the page for the test

 

PeterUK

Well they have not got back to me but their is one good new which is Real DMZ type 3 I found many months back before 2.1 but the down side to type 3 is it needs more hardware to do.

so I hope type 3 stays working or who knows type 2.1 might work again or even original Real DMZ type 1