Does the USG FLEX Series have Port Forwarding problems?

PaoloFracas
PaoloFracas Posts: 54  Ally Member
First Anniversary 10 Comments Friend Collector
On 06/27/2022 I opened a ticket following the replacement of a USG 40 with a USG FLEX 100 for a problem related to the Backup of a Synology NAS to another Synology NAS via the Hyper Backup application.

To perform the backup you need to redirect only the TCP port 6281 to the destination internal NAS.

This configuration has always worked and still works with the USG 40 but with the USG FLEX 100 the connection is unstable, it freezes and restarts making backups interminable if not impossible.

In doubt that the USG FLEX 100 was faulty I ran a simulation with a USG FLEX 500 but with the same result.

After 4 months, the interest of Taiwan and the need to replace the USG FLEX 100 with the USG 40 (with expired Extended Licenses) every evening and every morning I still find myself with the same problem.

I must also underline the lack of participation on the part of your Customer Service, which to define scandalous is to put it mildly.

In addition to this, to date I have not been made available to contact a manager.

I hope someone has the decency to deign to answer me.

Best regards.


Paolo Fracas

Accepted Solution

  • PaoloFracas
    PaoloFracas Posts: 54  Ally Member
    First Anniversary 10 Comments Friend Collector
    edited November 2022 Answer ✓
    LATEST TESTS

    Today I tried to reboot starting from the partition with the Beta Firmware (I backed up the active configuration with the consolidated firmware first).
    Like the last attempt, booting from the "Beta" Partition returned the configuration to the factory condition.

    As an example I report the screenshot of the Policy Firewall.

    At this point I loaded the consolidated firmware active configuration and successfully applied it.


    I then modified the Firewall Rule to allow communication with only TCP port 6281 between Remote NAS (Source) and local NAS (Destination) and successfully performed 3 consecutive backups (Hyper Backup Synology).



    Once the backups were tested, I rebooted using the Partition with the consolidated Firmware.
    I then checked if the change to the Firewall Rule related to Backup had been retained.
    This was not the case, the "Service" field had the value "Any" while with the Beta Firmware it was set to "TCP_6281".
    The impression is that the two Firewall Partitions work with different Configuration Cards which generates the problem of loading the factory configuration for the Beta Firmware.
    To be safe, I successfully restored the last Configuration Backup and performed a NAS Backup.
    I still have to verify (I didn't have more time) if after restoring and modifying the configuration of the consolidated firmware with the Beta Partition, restarting with the latter, the definitive configuration is maintained or the factory one is restored.

    To conclude...
    The new firmware seems to work but there are some critical issues in terms of configurations.

    I'm out of the office tomorrow so it will be impossible for me to run new tests.

    Best Regards

    Paolo Fracas


«134567

All Replies

  • mMontana
    mMontana Posts: 1,298  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    Current software release for USG100 Flex?

  • PaoloFracas
    PaoloFracas Posts: 54  Ally Member
    First Anniversary 10 Comments Friend Collector
    I am currently using "V5.31 (ABUH.0)".

    I had installed the beta version "V5.31 (ABUH.0) ITS-22WK31-r104914" but to no avail.

    I am waiting to install the new "5.32 (ABUH.0)" because I have an error during the automatic update.

    But after 8 days with no response from Support, I will install tomorrow.

  • PaoloFracas
    PaoloFracas Posts: 54  Ally Member
    First Anniversary 10 Comments Friend Collector
    The Assistance says that there is a fantomatic communication throw the TCP Port 51200, communication that not affect the USG 40.

    I don't understand.

  • mMontana
    mMontana Posts: 1,298  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    I am using USG100 flex with a different port (port and address translation) with a device since january, and I have no issues at all. But the port is under 10000, and i don't know if port 51200 is already use for something else on USG flex generation devices, you can check the service list and the manual for reference.
    This is only my small personal experience.


  • PaoloFracas
    PaoloFracas Posts: 54  Ally Member
    First Anniversary 10 Comments Friend Collector

  • PaoloFracas
    PaoloFracas Posts: 54  Ally Member
    First Anniversary 10 Comments Friend Collector
    I have no reference about the use of port TCP 51200 by Zyxel.

    Like you, I'm using Port Forwarding for another service with no problem.

    Probably there is something about the Synology Backup Program that the USG FLEX family don't like.

    But what I don't understand is why the USG don't have the TCP 51200 traffic and the USG FLEX have.

    Today I updated the firmware but with not result.

    First backup is frized and I'm waiting to see if it resume.



  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,039  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Hi @PaoloFracas

    Welcome to the Zyxel community. Could you share the below information with us?
    (1). Network topology with USG Flex, NAS, and other devices 
    (2). Screenshots of NAT port forwarding setting 
    (3). What is the freezing symptom? Is the device Web-GUI cannot login? No CLI response? Is CPU high?
  • PaoloFracas
    PaoloFracas Posts: 54  Ally Member
    First Anniversary 10 Comments Friend Collector

  • PaoloFracas
    PaoloFracas Posts: 54  Ally Member
    First Anniversary 10 Comments Friend Collector

  • PaoloFracas
    PaoloFracas Posts: 54  Ally Member
    First Anniversary 10 Comments Friend Collector

Security Highlight