NEP  Ally Member

Comments

  • Ok. I did not see that article, just the Zyxel announcement that was emailed out. So they patched the software to protect Windows "admin" access on the client's computer which has nothing to do with compromising the ZyWALL endpoint? It would still be nice to know who is connecting with what. All of our user endpoints are…
  • Hello. Is there a way to audit whether the user has updated the VPN? I looked in the Logs and there is nothing like it available under "SSL VPN". Or is there another way to otherwise block these connections? Based on this update, it seems that the vulnerability is on the client side. What is to stop a nefarious person from…
  • Didn't think to check that before, but to answer your question yes. I can ping the switch from my PC but can't access the web interface via the same IP. Only one entry is Active in "Remote Management" and the value is "0.0.0.0". Seems like you're onto something, what do you think is causing the block? Also, since there is…
  • @annm We have two ATP devices. The portal was slow but accessible on one. The other would show the login page but not connect at all. Anyway, based on what had been said, we disconnected the WAN and restarted the devices. That made the portal accessible. However, in both cases, the process wasn't as simple as uploading the…
  • @Zyxel_Cooldia Just got around to checking this again. I see that the links no longer appear to point to that subdomain. Also, I was able to get an IKEv2 VPN set up with the information that you provided. Thank you!
  • @Zyxel_Cooldia Is there any update on this?
  • @Zyxel_Cooldia Thanks for that. Will look into it that shortly. However, that doesn't answer my original question. The kb.zyxel.com website still appears to not working. Any news on it being fixed?
  • Thanks @AndreasZyxel. That is the page I was looking at prior to attempting "Configuration Walkthrough". It shows set up for IKEv1 and I was looking to do IKEv2 as the other is old and considered insecure. Can't imagine the process is too different. Just looking for a little extra info, hence the config tool. Thank you…
  • ATP800 running "V5.35(ABIQ.0)ITS-23WK06-r107740 / 2023-02-04 03:20:27". Should be the latest, prior to the one released at the end of April. It's a weekly build that we updated to because the last stable release had a bug that was flooding our logs. Not sure why the links would have changed between versions or if they did…
  • If the outbound traffic is on another port (ie. not 25, 465), then yes I suppose the rules wouldn't match that. I'll have to double-check that on the old firewall. As for the 15 IPs, what I stated is correct. The 0 and 5 wrap to the next line. Not my fault, it's how the forum sized the columns. Those settings are exactly…
  • I believe we are talking about the same place already. Configuration > Network > Routing > Policy Route The two routes are already at the top. Traffic with a LAN destination is #1 and WAN destination is #2. I do have ports applied though. Why is that an issue exactly?
  • I don't know what you mean by "You want 10.10.10.10 to SNAT 50.50.50.10 so do for routing interface LAN for source 10.10.10.10 destination any and port any next hop ge8 SNAT 50.50.50.10". That is what I have in the Policy Route. Are you saying it should be somewhere else? As for the SNAT Status, that is simply the…
  • Hi @PeterUK and @Zyxel_Jeff, Guess I'm at a bit of a loss. I thought I followed PeterUK's and your first comments. They seemed to jive with what we had to do to get it working correctly. However, your second post threw a "monkey wrench" into that. We are set up exactly the same as the link that you provided. That is, we…
  • Thanks for the info. Seems odd to not increment the version (only the date) for something major like that.
  • Hello. What has changed in this release? According to the download page and release notes, it appears to be the same version that was released back in August. The only difference I saw in the notes was that the "Change History" entry was changed to "V2.70(Axxx.3) | 10/26/2022". Right now, the dashboard of our GS1900-24EP…
Default Avatar