Johan  Freshman Member

The cause of the issue have been found and a fix have been coded, however not yet released for public. Testing is still being performed, the fix should be in the next release/patch of firmware. I have estimate of release date. For now the recommendation if you experience issues with 4.30 is downgrading.

@spallared See my response in private message.

In case you have not already solved this, I believe you can download the config without login through the console port. After backing it up you can perform a reset of the firewall then backup the startup-config instantly after the reset. Then copy the encrypted password line from the factory reset config over to your…

@spallared Yes please provide full logs, check them first though so that you do not disclose any sensitive information.

Are you using the latest available firmware for your ZyWALL USG 200? Latest stable firmware is 3.30(AQU.7)C0: ftp://ftp2.zyxel.com/ZYWALL_USG_200/firmware/ZYWALL%20USG%20200_3.30%28AQU.7%29C0.zip

Could you temporarily disable the anti-spam to check if the issue disappears? Then we can confirm if it is the Anti-Spam function that causes it or not & proceed from there.

Could you please translate what the event says to English?

Did you try enabling NAT-Loopback to your NAT-rule in the firewall that forwards traffic to the Mail/Web-server?

Is your firewall behind another router/NAT?

Off-topic: Have you blocked VPN traffic as well to avoid the users by-passing your limit by hiding in a VPN? Did you block all-traffic except the ones that should be allowed or did you specifically block only the ones you do not wish them to use?

I set up a lab yesterday with a ZyWALL 110 & USG40, both updated to 4.25(AAAA.1)C0 & 4.25(AALA.1)C0. I used iPerf: https://iperf.fr/ to get base measures of throughput (Default settings). On USG40: WAN to LAN / LAN to WAN: 200-250 Mbps (With Policy Control enabled). 300-350 Mbps with Policy Control disabled. Traffic over…

@sebit I will see if I can set up a lab tomorrow with two units using 4.25 firmware. Then set up a IPSec VPN and FTP server. No promises though, it all depends on how busy my day at work will be. But I'll try! Hopefully I will be able to replicate it meaning I can do some tests to find a solution. Temporary workaround…

Sorry I have not heard of transfert before. Could you please try answering all the questions in my last post.

Once you got the DNS issue solved, if you want to access internal servers by their hostname/public IP remember to enable NAT-Loopback in your NAT/Port-forwarding rule.

I believe you have received the answers, but compilation: 1, Backup your configuration, backup your configuration, backup your configuration. 2, Like Mark said: Make sure you unzip and upload the .bin file, not the .zip. 3, Like Blabababa said do not jump from such an old firmware directly to the latest one. His/Her…