NEP  Ally Member

Ok. Thanks for the help. At this time, we don't have two malfunctioning and one functioning controller to provide. This has been handled by our installer. I just handle the management. As such, I suppose this matter can be closed without being resolved (not Zyxel's fault). I am at the mercy of the installer and can't…

Sorry for the delay in responding to this, but my hands were tied and still are to a degree. The installer (who is also the KT-1 tech) has not analyzed the controller. I am told they are too busy. However, I have received some pictures from them of the controller board. I don't see any visible issues but I'm also not an…

@Kay Thank you for responding. I am waiting on the answers to your questions. Just reached out to our installer and it sounds like they had an issue with manpower, so getting the answers has been delayed. I will get back to you when I have what you asked. Hopefully this week but it's outside of my control. Thanks again!

Hi @Zyxel_Kay, Sorry for the delay in responding. Had to get some information together. Zyxel switch utilizes active PoE in accordance with IEEE standard, which requires communication with the peer device to confirm PoE requirements before supplying power, so the switch will not shutdown peer devices power. Could I ask if…

I don't recall marking this as answered, but I do have it working with SecuExtender SSL and MS Authenticator. Thanks @zyman2008. I had edited the original post about a note that I saw. Are you aware of Non-SecuExtender IPSec VPN Clients not supporting MFA? I would consider the SSL VPN to be one such client (based on name)…

That is where the VPN Gateway "RemoteAccess_Wi" points too. It's the next tab over in the UI. Unless we are talking about different things. The config page looks exactly like what you posted though.

Pretty sure I followed what you said. Here is what it looks like now. This does not work without the Wi-Fi off either. The phone simply shows "VPN Connecting…" and a loading spinner.

@Zyxel_Cooldia I don't know what the VPN event log is. Looked in View Log and the only Category for VPN is "VPN Dashboard". That doesn't have any information. The only log entry I see is "User user(MAC=) from eap-cfg has logged in/out Device" and only when not on Wi-Fi. Does that mean some logging is turned off? In Log…

Ok. I did not see that article, just the Zyxel announcement that was emailed out. So they patched the software to protect Windows "admin" access on the client's computer which has nothing to do with compromising the ZyWALL endpoint? It would still be nice to know who is connecting with what. All of our user endpoints are…

Hello. Is there a way to audit whether the user has updated the VPN? I looked in the Logs and there is nothing like it available under "SSL VPN". Or is there another way to otherwise block these connections? Based on this update, it seems that the vulnerability is on the client side. What is to stop a nefarious person from…

Didn't think to check that before, but to answer your question yes. I can ping the switch from my PC but can't access the web interface via the same IP. Only one entry is Active in "Remote Management" and the value is "0.0.0.0". Seems like you're onto something, what do you think is causing the block? Also, since there is…

@annm We have two ATP devices. The portal was slow but accessible on one. The other would show the login page but not connect at all. Anyway, based on what had been said, we disconnected the WAN and restarted the devices. That made the portal accessible. However, in both cases, the process wasn't as simple as uploading the…

@Zyxel_Cooldia Just got around to checking this again. I see that the links no longer appear to point to that subdomain. Also, I was able to get an IKEv2 VPN set up with the information that you provided. Thank you!

@Zyxel_Cooldia Is there any update on this?

@Zyxel_Cooldia Thanks for that. Will look into it that shortly. However, that doesn't answer my original question. The kb.zyxel.com website still appears to not working. Any news on it being fixed?