SecuReporter Upload fail and not using the routing rule

PeterUK
PeterUK Posts: 950  Guru Member
edited April 30 in Security

On USG40 V4.62

So SecuReporter was working then this happened (SecuReporter Upload fail) the USG should use this rule to go out on.

https://community.zyxel.com/en/discussion/comment/31028/#Comment_31028

Geo IP still updates fine with this rule but SecuReporter thinks it knows best and goes out OPT and not VLAN443 and fails

All Replies

  • Zyxel_Can
    Zyxel_Can Posts: 290  Zyxel Employee

    Hi @PeterUK,

    We’d like to check this symptom further with you, can you share some info with us?

    1.      The screenshot of error message

    2.      The output of Monitor > Log > Category: myZyxel.com

    3.       USG40’s S/N and MAC address (you may give this info to us via private message)
  • PeterUK
    PeterUK Posts: 950  Guru Member


  • Zyxel_Can
    Zyxel_Can Posts: 290  Zyxel Employee

    Hi @PeterUK,

     

    We checked your device was communicating with SecuReporter 2 May 2021 20:12:15(GMT+8) for the last time.

     

    Did you change any configuration in your USG40?

     

    Also, can you provide me remote access to your USG40 both for WebGUI and console access with RS-232 cable by private message?
  • PeterUK
    PeterUK Posts: 950  Guru Member
    edited May 5

     No changes to the USG40 that would cause this I can still do a Geo IP updates and Device registration refresh without timeout.

    You should be able to setup a setup your end with the following

    Due to the way real DMZ and NAT setup works direct incoming packets to the OPT is limited to VPN, ICMP and DHCP this is why when the USG tries going out OPT it will never work however a PC at 192.168.255.193 is NAT from LAN1 to OPT outgoing traffic goes out OPT and the incoming comings in on WAN1 of the bridge. I also can't do trunk only VLAN443 it needs to be VLAN443 and OPT as with just VLAN443 when a In bound ICMP comes in on OPT the reply should go out OPT but goes out VLAN443.

    None of which matters because the USG should follow this rule.

    https://us.v-cdn.net/6029482/uploads/editor/sg/cibkylzqkarf.png
  • PeterUK
    PeterUK Posts: 950  Guru Member
    So after a reboot due to another problem which fixed that now the Device registration refresh fail so I change the routeing rule for source any:

    So now I think SecuReporter Upload is working but may fail if it stops going out VLAN443
  • Zyxel_Can
    Zyxel_Can Posts: 290  Zyxel Employee

    Hi @PeterUK,

     

    After modifying your Policy route rule, we checked your device can communicate with SecuReporter now.

    It sends reports to SecuReporter’s server.

     

    Please verify that and let us know if you need help.


  • PeterUK
    PeterUK Posts: 950  Guru Member
    I give it some uptime to see if the change still works.
Sign In to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click on this button!