[USG20W-VPN] VPN error while assigning a profile to local AP

Chris10
Chris10 Posts: 4  Freshman Member
First Comment Friend Collector
in Security

Hello,

I'm getting the below error when I'm assigning a profile to the local-ap with:

ap-group-member [ap_group_profile] member local-ap

wifi_error.PNG

Knowing that I have also the following configuration:

wlan-ssid-profile [ssid_profile]

>{…}

>outgoing-interface lan1

***

sslvpn policy Main_SSL_VPN

>{…}

>network-extension network LAN1_SUBNET

>network-extension network DMZ_SUBNET

If I remove "network-extension network LAN1_SUBNET", the error is not popping out anymore.

I don't see an immediate link between an AP profile and a VPN network extension that could explain such an error. Also, I had previously this configuration working on a USG40W.

Could you help me figure it out ?

Happy to give you more details if needed.

Thanks,

Chris

All Replies

  • Zyxel_Melen
    Zyxel_Melen Posts: 2,300  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate

    Hi @Chris10,

    May I know how did you change the settings? By command line or by web GUI?

    Zyxel Melen

    Engage in the Community, become an MVP, and win exclusive prizes!


  • Chris10
    Chris10 Posts: 4  Freshman Member
    First Comment Friend Collector

    Hello @Zyxel_Melen ,

    By command line.

    The GUI changed, and I'm not able to set AP profiles/AP groups anymore through the GUI (I only have "Built-in AP" menu).

  • Zyxel_Melen
    Zyxel_Melen Posts: 2,300  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate

    Hi @Chris10,

    Thanks for the information. Since USG20W-VPN doesn't support the AP controller function, you won't see the controller option, and cannot apply this configuration.Below table is from USG20W-VPN user's guide:

    image.png

    For manage your Zyxel APs, please consider upgrade the firewall models to which support AP controller functions, like USG FLEX 100 or above. Or, you can use Nebula control center for centrolized management.

    Zyxel Melen

    Engage in the Community, become an MVP, and win exclusive prizes!


  • Chris10
    Chris10 Posts: 4  Freshman Member
    First Comment Friend Collector

    Hi @Zyxel_Melen ,

    Thanks for the information.

    What would be an equivalent basic configuration with 2 SSID (and 2 different outgoing-interface for those) for this model ?

    Is it possible to completely disable built-in AP by command line ?

    • Somehting like this :

    ap-group-profile Disabled-WLAN

    slot1 ap-profile default

    slot1 output-power 0dBm

    ap-group-profile Enabled-WLAN

    slot1 ap-profile default

    slot1 output-power 30dBm

Categories

Security Highlight


Read more

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)