Comments
-
You can have a try to setup DNS Server. (e.g. 8.8.8.8)
-
You can have a try Server Name & URL in DDNS within user custom setting. Server: dyndns.strato.com URL: /nic/update?
-
You can try 'Fast Forwarding' on the USG60, which allows traffic to pass without content checking. (Configuration > System > Advanced > Fast Forwarding)
-
Are there many users did not authorised by Web Authentication function?
-
The default firewall policies allow traffic to and from the IPSec VPN Tunnel because the latest rule blocks all traffic "From Any to Any". Therefore, the rules you mentioned should not cause any problems. You can check if any policy route rules are affecting your VPN traffic.
-
For Layer3 router, ZyXEL firewall doesn't support block client by MAC address(Layer 2). You can only block MAC address by swtich or by AP profile. Or you can consider block client "IP traffic(Layer 3)" by current functions. (1) Add MAC address into "Static DHCP Table" settings, and assign a specific IP address for client.…
-
You may have a try strongswan VPN client APP, maybe it still support L2TP VPN connection.
-
@Kepir Your VPN connection scenario is different as previous one which setting is "client to site VPN"... Here is FRITZBOX site to site VPN configuration guide: https://en.avm.de/service/vpn/tips-tricks/connecting-the-fritzbox-with-a-companys-vpn/ In IKEv1 setting on USG could be: #6 The VPN ID on USG doesn't support space…
-
You may have a try key group setting on ATP200: Phase1(VPN Gateway): DH2 Phase2(VPN Connection): none If still doesn't help, you can share VPN connection fail log entries.
-
The Verizon WiFi Calling seems working with IPSec VPN tunnel. https://community.verizon.com/t5/Verizon-Wireless-Services/What-are-the-wifi-calling-firewall-ports-and-destination-IP/td-p/1080659 Did you create Port Forwarding(NAT) rule to mapping IPSec VPN traffic from WAN zone to your iPhone?
-
There is no SSL VPN client for Linux OS. You could try to build VPN tunnel by other types. (e.g. L2TP VPN)
-
Did you keep your SSL VPN tunnel as up over night?Or the tunnel is unable to reconnect anymore after your PC waking up from sleep?You can have a try to shutdown Secuextender software and Disable-Enable your Netowrk-Interface-Card first. And try to reconnect SSL VPN tunnel again. in my experience, it helps.
-
Abnormal TCP log setting removed from alert level. It will not send alert mail to me. It helps a lot. Thank you :blush:Current status is inform level. At least I know USG received abnormal packets but not annoying mails.
-
@nielsscheldeman what's firmware version are working on your device? You may capture packets on VTI interface to monitor the traffic status.
-
@MSA You may have a try 4.72WK20 FW. https://community.zyxel.com/en/discussion/13548/zld-v4-72-wk20-firmware-release#latest