Attempt to login to USG50, Chrome reports ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Lyonsvt · May 2022

I would like to confirm that the USG50 can also be configured (using CLI or web interface) to increase its minimum security level so that current Google Chrome is satisfied. Additionally, would this change impact any existing security definitions for VPNs?

mMontana · May 2022

Lyonsvt said:

I would like to confirm that the USG50 can also be configured (using CLI or web interface) to increase its minimum security level so that current Google Chrome is satisfied.

I cannot confirm. Depends not only from the "current" Google Chrome request, but also on the firmware version. Anyway, this is a way for disabling insecure cypher. https://kb.zyxel.com/KB/searchArticle!gwsViewDetail.action?articleOid=014475&lang=EN

Lyonsvt said:

Additionally, would this change impact any existing security definitions for VPNs?

AFAIK it depends from the configuration of the VPN tunnels.

USG50 has been updated last time during 2016 https://www.zyxel.com/support/SupportLandingSR.shtml?c=gb&l=en&kbid=MD09108&md=ZyWALL USG 50 The most updated firmware is a "weekly firmware", but currently i don't have any URL for that. Changing the device is strongly suggested, current "replacement" for USG50 is USG200 Flex (two proper WAN ports). USG 50 Flex could be also used due to a dual personality port (OPT/WAN2)

Lyonsvt · May 2022

Chrome browser is most current release.

VPN tunnels are using 3DES/SHA1, 3DES/MD5, AE2128/SHA1/ AES256/SHA1

Looks like I don't have the most current firmware BDS.9(C0) is available.