1.37 - Wrong Remote Access VPN Batch file script

Options
e_mano_e
e_mano_e Posts: 116 image  Ally Member
First Answer First Comment Friend Collector Fifth Anniversary
in USG FLEX H Series

Hi,

this relates to a USG Flex 100H with the current V1.37 firmware.

I've just setup Remote Access VPN and I used the download option for "VPN Configuration Script Download".

I've used the windows batch file script to create the VPN connection.

There is a syntax error in the generated batch file script related to split tunneling:

The created (wrong) script looks like this:

set SplitTunneling=$True

if "%SplitTunneling%"=="True" ()

The generated if statement is wrong.
It has to look like this:

set SplitTunneling=$True

if "%SplitTunneling%"=="$True" ()

(Please note the dollar sign before "True".

Because of the wrong syntax the if statement doesn't evaluate as true so the vpn connection route doesn't get created.

I've came accross this (using the split tunneling mode) and wondering why my VPN connection doesn't allow me to access the VPN IP adresses.

Accepted Solution

  • Zyxel_Melen
    Zyxel_Melen Posts: 4,467 image  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    Answer ✓

    Hi @e_mano_e

    Thanks for pointing this out. We will fix this in the future firmware release.

    Zyxel Melen


All Replies

  • Zyxel_Melen
    Zyxel_Melen Posts: 4,467 image  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate

    Hi @e_mano_e

    I did a local lab but the script install is fine. My laptop installs the VPN connection and I can connect it.

    Could you share:

    1. Your Windows OS and version. Like Win11 23 H2.
    2. Your VPN script. Please send it with me via private message.
    Zyxel Melen


  • e_mano_e
    e_mano_e Posts: 116 image  Ally Member
    First Answer First Comment Friend Collector Fifth Anniversary

    Hi @Zyxel_Melen

    The script installs fine. Yes. But take a deeper look.

    The variable SplitTunneling is set to $True in the beginning of the script.
    Later there are two if "%SplitTunneling%"=="True" statements.

    Because SplitTunneling is set to $True the if statements should evaluate as true and the call to "Add-VpnConnectionRoute" should be called which is not the case.

    Try to add an "echo IF STATEMENT!" within the if statements to see that you will not see the echo.

    I'm using Win11 Pro 25H2.
    I've send you the VPN script via PM.

  • Zyxel_Melen
    Zyxel_Melen Posts: 4,467 image  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate
    Answer ✓

    Hi @e_mano_e

    Thanks for pointing this out. We will fix this in the future firmware release.

    Zyxel Melen


Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)