Network slow after firewall change

IkkI_Magna
IkkI_Magna Posts: 17  Freshman Member
First Comment Friend Collector Fourth Anniversary
edited April 2021 in Security


I use USG-100 for firewall b4


It was setup at 2007 and firmware is 2.02


I purchase new firewall usg-110 last week and the firmware is v4.35(aaph.0) for replacement.


All Routing and firewall policy are copied by hand.



Client say that they access internet slower than before.


They need to "Enter" twice the browser address bar.....


Is it any idea?

«13

All Replies

  • lalaland
    lalaland Posts: 91  Ally Member
    First Answer First Comment Friend Collector Sixth Anniversary

    If you WAN type is static IP, don't forget to set up DNS setting on configuration > system > dns.

  • IkkI_Magna
    IkkI_Magna Posts: 17  Freshman Member
    First Comment Friend Collector Fourth Anniversary
    edited December 2019

    Thx for advise,


    I have set DNS already...


    But some client will suddenly can not connect....


    Browser will show disconnect randomly.


    There are less than 50 clients only....

  • Zyxel_Emily
    Zyxel_Emily Posts: 1,404  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments

    Hi @IkkI_Magna,

    Can you share the startup-config.conf of USG110 with me in private message?

    Untitled Image

    See how you've made an impact in Zyxel Community this year!
    https://bit.ly/Your2024Moments_Community

  • IkkI_Magna
    IkkI_Magna Posts: 17  Freshman Member
    First Comment Friend Collector Fourth Anniversary

    Hi, The last method can not solve the problem...


    Anyone help?

  • Zyxel_Vic
    Zyxel_Vic Posts: 282  Zyxel Employee
    25 Answers First Comment Friend Collector Seventh Anniversary

    Hi @IkkI_Magna

    Can you share what else settings had you configured on your device since we had tried with your settings and everything seems to be fine.

    Or would you share the remote access to us in private message so that we can have more clear idea about the difference.

  • IkkI_Magna
    IkkI_Magna Posts: 17  Freshman Member
    First Comment Friend Collector Fourth Anniversary

    I have sent config file to Emily before.

  • Zyxel_Vic
    Zyxel_Vic Posts: 282  Zyxel Employee
    25 Answers First Comment Friend Collector Seventh Anniversary

    Hi @IkkI_Magna

    Yes this is what we had tested in our lab. Can we have remote check on your device? If you have concern about opening the remote access on the device, you can just allow the specific IP address to access it. Let us know if it's okay in private message.


    Thank you.

  • IkkI_Magna
    IkkI_Magna Posts: 17  Freshman Member
    First Comment Friend Collector Fourth Anniversary

    Dear Vic,

    Would you answer me some question ?


    Regards,

    IkkI

  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    50 Answers 500 Comments Friend Collector Fourth Anniversary

    @IkkI_Magna

    Regarding to your message,

    1. Can I confirm with you that do you want to block client access to device via https?(but http allow) or block client access to device via wan with any service?
    2. Go to Configuration>Network>Routing>Create the profile

    Need to create the address for destination, and create the service for your own server

    image.png

    3.Can I know does the client and server on the same subnet?

  • IkkI_Magna
    IkkI_Magna Posts: 17  Freshman Member
    First Comment Friend Collector Fourth Anniversary
    1. block client access to device via https & ssh
    2. I try it before...but fail...
    3. yes, same subnet.....when I use old server, it is ok, when I use new server,sometimes will be that(not always.)

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)