Some question about the ATP

Username_is_reserved
Username_is_reserved Posts: 97
First Comment Friend Collector Third Anniversary
 Ally Member
Hi
I want to switch mine into "Live" Mode soon. Before that I can switch from the old Router to the ATP I need to setup something. Most work perfect. I just looking for a way to block Bad TLD like: .to, .li,... and other. Can I do that in the Contend Filter?
Thanks
«1

All Replies

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,052
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 50 Answers 1000 Comments
     Guru Member
    Hi @Username_is_reserved,
    You can block TLD URL/Domain by URL keywords in CF profile. 

    Go to CONFIGURATION > Security Service > Content filter, and create a CF profile.

    In Custom Service section allows you to block Web sites with URLs that contain certain keywords in the domain name or IP address. 

    Tick "Enable HTTPS Domain Filter for HTTPS traffic" for https domain filter.


    Apply CF profile to Security policy.


  • Username_is_reserved
    Username_is_reserved Posts: 97
    First Comment Friend Collector Third Anniversary
     Ally Member
    Thanks for replay. Sorry I feel like a stupid idiot I cant get the Router to connect to the Internet.
    I guess I setup everythink like in the UTG. I must sett an Vlan ID.
    I add them into the Interface -> Vlan like in the USG to.
    PPoE is right. User + PW. I have no idea what could now be wrong.
    Any idea?
    Thanks
  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,052
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 50 Answers 1000 Comments
     Guru Member
    edited August 17
    Hi @Username_is_reserved,
    Please first make sure, that the router/modem in front of the USGs WAN interface is definitely in bridge mode.
    Depending on the provider and model you can already tag a VLAN on the bridge.
    Make sure, that you verify with your provider that the following details are correct:
    - Authentication Type
    - your user name and password
    - if compression is needed

  • Username_is_reserved
    Username_is_reserved Posts: 97
    First Comment Friend Collector Third Anniversary
     Ally Member
    sorry for the late replay!
    Please first make sure, that the router/modem in front of the USGs WAN interface is definitely in bridge mode.

    Yes its just a dumb Zyxel DSL Modem ;) .VMG4005 https://www.zyxel.com/global/en/products/dsl-cpe/vdsl2-17a-bonding-and-35b-single-line-bridge-vmg4005-b50a

    Depending on the provider and model you can already tag a VLAN on the bridge.
    Thankfully I set a Vlan in the ATP and it works. "That" problem is fixed.
    Make sure, that you verify with your provider that the following details are correct:
    - Authentication Type
    - your user name and password
    - if compression is needed
    In ISP Account I add the neccecary Data and my ISP confirm the Information is rite.

    My ISP Told me that the not see in the logfile that the ATP is Dialing. So how can I check that? Does the Dialing process is before the Firewall?
    Thanks
  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,052
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 50 Answers 1000 Comments
     Guru Member
    Hi @Username_is_reserved,
    You can filter keyword "ppp" in debug category to see PPPoE dial process log.

    MONITOR > Log > View Log

  • Username_is_reserved
    Username_is_reserved Posts: 97
    First Comment Friend Collector Third Anniversary
     Ally Member
    again sorry for the late replay:
    1      2022-09-23 23:28:20      debug      Default      pppd: Unable to complete PPPoE Discovery                     
    2      2022-09-23 23:28:20      debug      Default      pppd: Timeout waiting for PADO packets                     
    3      2022-09-23 23:28:13      debug      Default      pppd: Unable to complete PPPoE Discovery                     
    4      2022-09-23 23:28:13      debug      Default      pppd: Timeout waiting for PADO packets






  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,052
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 50 Answers 1000 Comments
     Guru Member
    edited September 27
    Hi @Username_is_reserved,
    The log indicated that no PADO response from ISP.
    Device expect receive PADO packet from ISP in PPPoE discovery stage.
    Following PPPoE flow for your reference.
    PPPoE discovery stage
    Client <--------------------------> Server
              -------------PADI----------->
              <-----------PADO------------
              ------------PADR------------>
             <-----------PADS------------>
  • Username_is_reserved
    Username_is_reserved Posts: 97
    First Comment Friend Collector Third Anniversary
     Ally Member

    Client <--------------------------> Server
              -------------PADI----------->
              <-----------PADO------------
              ------------PADR------------>
             <-----------PADS------------>
    Hi thanks for replay. Where does I have to set such thinks?
    Could the Modem have some problem?
  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,052
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 50 Answers 1000 Comments
     Guru Member
    It may need to confirm with ISP if they receive our device PADI packets to check where the packets lost
  • Username_is_reserved
    Username_is_reserved Posts: 97
    First Comment Friend Collector Third Anniversary
     Ally Member
    Is there an E-Mail Adress for the Zyxel Support?
    Thanks

Security Highlight