Comments
-
You may adjust the algorithm and check it again. VPN gateway: DES,MD5, DH1, VPN connection: DES,MD5,DH1. If several clients communicate with peer simultaneously, the RDS connections will be effect.
-
If you enter password more than 10 seconds, the VPN will be established failed? If so, it looks like timeout related with AD or clients.
-
I have the internal server behind device as well. Here is as EX: Server support 81 port, and IP is 192.168.1.10 Wan IP is 61.X.X.X You may configure below type public with port 81 to access local server
-
I think you need to create the static route Example: DNS server is 192.168.10.X Local gateway: 192.168.1.1
-
I think you should check configuration on Synology, since device works on Windows Server 2008 R2 and Model RS815+.
-
On Connectivity check, I use ICMP as method ,and default value for others.
-
From the message, it seems the configuration of IP and Port between device and USG are mismatch. Can your USG ping to Synology Active Directory Server? You may check configuration on Synology with below link https://www.synology.com/en-us/knowledgebase/DSM/help/DirectoryServerForWindowsDomain/synologydirectoryserver_desc
-
I think you need to build Win Server, since the netbios broadcast traffic will not pass through a vpn, so you would need to switch to NetBIOS over TCP. The topic has been discussed numerously from internet, you can check this article. https://community.cisco.com/t5/vpn/netbios-over-vpn/td-p/1192539
-
I think you can reference this similar thread https://businessforum.zyxel.com/discussion/4816/resolving-lan-hostnames-when-connected-in-host-to-host-vpn Enable NetBIOS broadcast over SSL VPN Tunnel, so the scenario could work.
-
I have similar scenario on my environment. As I know, the mode config only support when phase 2 select Remote Access. All VPN clients can access internal network. Not sure you mean do not capture customers default route. The IP address are assigned from USG(Mode config) could not assign IP by Radius(authentication only)
-
You can check vpn logs in monitor>>log>>view log. Category- IKE and IPSec. What is the vpn application scenario on usg1100? (site to site, site to site with dynamic peer, server role) Is connectivity check enabled on vpn connection?
-
As my experience, you should try to let PC connect with Zywall device directly without patch panel to narrow down issue, since UTM, BWM all disable.
-
You have to activate IDP/AppPatrol signature service first, so the function can be operated. To modify the existing schedule, Go to object> schedule>select the profile then edit it
-
Enable "Allow Asymmetrical Route" on the policy control, disable firewall of server, PC and check again. SSL VPN issue, try to disable firewall during issue occur.What is the firmware version.
-
You need to purchase the license for the secuextender of MAC OS.