Comments
-
External vlan interface specifying wan1. Was not added automatically to trunk which made it difficult to know where or what to look for.
-
Apologies JanSery, reread your initial post a few times now and can see you are looking to failover of VPN back to wan1 if wan2 fails. We never went this far to make it automatically happen, and just manually changed VPN back to wan1 the very odd time we lost wan2. Hope someone here has an automatic failback method you can…
-
We have an identical setup to yours and forced IPSec VPN to use wan2 via the VPN Gateway settings that we created for that VPN connection. See screenshot below: If you need any additional details please feel free to ask.
-
Unusual that the VLAN interface did not add it automatically add the the wan truck, made it difficult to know where to troubleshoot. So I gather the wan1 interface is now no longer required in WAN Trunk as it is not really used?
-
Any feedback Zyxel_Cooldia ?
-
Looks like we have found our answer, although would like clarification. So firstly the WAN setup for IPoE, static IP and VLAN100 was all correct. Thanks for Zyxel support for confirming our config sounded valid. What we didn't realise is we had a Default Trunk in place with a Policy Route using that Trunk for LAN to WAN.…
-
So I have a running ping to 8.8.8.8 from notebook at 192.168.1.33 connected to LAN port of ZyWall USG - no reply as previously detailed in original post. LAN ZyWall USG: 192.168.1.1 WAN public IP address: 61.x.x.122 WAN Gateway: 61.x.x.121 These are my results for arp-table and packet-trace. So is this showing packet is…
-
Thank you for the quick response. Tomorrow I will check run a packet trace and check the arp table results and report back here for you to analyse. Your example is interesting however as in your arp table vlan100 has quite a different ip address to wan1. The config I detailed in my question has vlan100 with the static…
-
Forgot to mention we also needed to add this Firewall rule to enable contact to internal addresses on LAN:
-
Hi Emily, Minutes after I received your post reply I resolved the L2TP VPN client to site login failure. Let me explain more ... We have in place of course the Default Firewall rule for WAN to ZyWALL for IKE, ESP, NATT and also added USP 1701 - login failed under these conditions as stated in my original post. We added a…
-
Line 28 onwards of log above seems to be where the disconnection happens for our VPN client-server login. Do you have any suggestions Charlie? I can certainly send you the firewall config if required to help troubleshoot.
-
That is true, clear port statistics is what we were after however we were hoping if all interfaces were cleared then maybe this would clears the port used by those interfaces. Seems our hopes were in vain. Thanks for your help.
-
Charlie, Can you review this snip from a CLI Reference Guide - seems to suggest it can be done however I am uncertain as to correct syntax.
-
Both the HP and Cisco switch we updated the firmware yesterday and re-enabled PoE, and the negotiation issue resolved itself with the ZyWall. There must have been something in the 2014 version of switch firmware that caused this PoE fault. Thank you for everyone's suggestions.
-
I believe we have found why our HP or Cisco Managed Gigabit PoE are having issues communicating with a 1000 HD connection to LAN port of our ZyWall - as described previously no issue when set to 100 HD. We tried a non-PoE Gigabit switch and it worked at 1000 HD with ZyWall - success. So went back to the original PoE…