GrahamWebb  Freshman Member

Comments

  • Thanks, I it did look like there were some settings that were not available compared to my newer Zywall. I will have a look at setting up a bridge or just using a switch.
  • Hi Ivan, thanks for the update.
  • Sorry does this mean that there was a error by Zyxel that meant new firmware was pushed to the Zywalls when it shouldn't have been? I thought these issues were due to some kind of DOS attack dueto vulnarabilites?
  • Thanks and well done for coming up with a fix so quickly! I had this issue on our USG Flex 500 and I had to take a trip into the office to disconnect the WAN link and then power cycle and update to the new firmware. This seems to have resolved the issue now. Will more details be released about this DDOS attack?
  • They don't store the logs unless you configure a USB stick to store them on or setup a syslog server.
  • Hi Emily thanks I did make those changes to the SSLVPN port as per the instructions, I added TCP port 10433 Wiz_SSL_VPN object to the Default_Allow_Wan_To_Zywall and changed the port number to 10433 on the SSL VPN Global Setting page. I was testing from my laptop connected to my iphone as a hotspot so maybe that had…
  • Looking at it again I think its these two default rules that are causing it, funnily enough LAN3 wasnt able to route to the others it was only between LAN1 and LAN2 I think. I thought that was because I had to add LAN3 myself as another zone, I guess those two rules should be allow to WAN not any.
  • "If you remove rules LAN to WAN can you still ping the internet?" I cant really test that now as no longer there but will try that.
  • Hi Peter its a brand new USG 500 FLEX and I am on the latest firmware. A few things were not working quite as they should, I could not get SSL VPN working on port 10433 either even though that service was included in the default WAN to Zywall rule I had to keep it on 433 and even had to put another allow rule for that to…
  • Hi I have got the certificate to import now, I had stupidly downloaded the wrong certificate. I still got the Ajax communication failed error but the certificate imported when I had the correct one selected. Its not the best that it comes up with that Ajax error at all though.
  • Hi Sorry I think you are getting mixed up with my other post regarding the x-frame-header header I have fixed that vulnarability now but the PCI scan is now failing on the x-xss-protection header being missing. Is there a similar command I can run to enable this header?
  • Thanks for the reply but I was able to run the command over the weekend, I think the issue was due to me using the web console.
  • Hi I was able to run the command successfully from a proper SSH window using Putty with no ill effects. Perhaps the router crashed because I was using the web console so wont use that again.
  • Hi can anyone help it seems odd that that command would crash the router, I checked the logs and the router rebooted itself shortly after I entered it. Could it be because I entered the command using the web console in the browser rather than using a proper SSH connection from Putty? I am nervous of trying to run it again…
  • Hi I am getting this come up on our recent PCI scan for our Zywall USG 310 so opened up the web console to type the following commands in: Router(config)# ip http x-frame-options Router(config)# write As soon as I pasted in the first command "ip http x-frame-options" into the console everything froze and the router stopped…
Default Avatar