NEP 
Ally Member
Comments
-
Thanks @AndreasZyxel. That is the page I was looking at prior to attempting "Configuration Walkthrough". It shows set up for IKEv1 and I was looking to do IKEv2 as the other is old and considered insecure. Can't imagine the process is too different. Just looking for a little extra info, hence the config tool. Thank you…
-
ATP800 running "V5.35(ABIQ.0)ITS-23WK06-r107740 / 2023-02-04 03:20:27". Should be the latest, prior to the one released at the end of April. It's a weekly build that we updated to because the last stable release had a bug that was flooding our logs. Not sure why the links would have changed between versions or if they did…
-
If the outbound traffic is on another port (ie. not 25, 465), then yes I suppose the rules wouldn't match that. I'll have to double-check that on the old firewall. As for the 15 IPs, what I stated is correct. The 0 and 5 wrap to the next line. Not my fault, it's how the forum sized the columns. Those settings are exactly…
-
I believe we are talking about the same place already. Configuration > Network > Routing > Policy Route The two routes are already at the top. Traffic with a LAN destination is #1 and WAN destination is #2. I do have ports applied though. Why is that an issue exactly?
-
I don't know what you mean by "You want 10.10.10.10 to SNAT 50.50.50.10 so do for routing interface LAN for source 10.10.10.10 destination any and port any next hop ge8 SNAT 50.50.50.10". That is what I have in the Policy Route. Are you saying it should be somewhere else? As for the SNAT Status, that is simply the…
-
Hi @PeterUK and @Zyxel_Jeff, Guess I'm at a bit of a loss. I thought I followed PeterUK's and your first comments. They seemed to jive with what we had to do to get it working correctly. However, your second post threw a "monkey wrench" into that. We are set up exactly the same as the link that you provided. That is, we…
-
Thanks for the info. Seems odd to not increment the version (only the date) for something major like that.
-
Hello. What has changed in this release? According to the download page and release notes, it appears to be the same version that was released back in August. The only difference I saw in the notes was that the "Change History" entry was changed to "V2.70(Axxx.3) | 10/26/2022". Right now, the dashboard of our GS1900-24EP…
-
@Zyxel_Stanley Thanks for the "Best Practices" link. We had Trusted IPs and Geolocation set up and I separated the HTTPS and SSL VPN ports yesterday. I'll peruse that page when I get a chance. Please consider this matter closed. Thank you!
-
@Zyxel_Jeff Or is that what "[Bug Fix] eITS#220500690 a. Fix: SSLVPN service port keeps using the original port after manually customized it" indicates?
-
@Zyxel_Jeff Thanks for the explanation. Don't recall seeing a clear indication of this in the Release Notes. Seems like quite a breaking change. Then again, I suppose this is more related to an incorrect configuration in the original setup. You guys can't be expected to know all the configurations in-use. Is it safe to…
-
Using a limited-admin user is definitely not the solution. If you look under User/Group you'll notice that we have two admins and the rest are simply users. The limited-admin was created special for you guys to access the portal. Also, we don't use the admin users to connect with the VPN. That was disabled when you guys…
-
The list was auto updated in the last 24 hours and as you said the IP is no longer listed. Thanks! Out of curiosity, did you have to whitelist the IP or was it removed by whatever services you use to maintain the list?
-
Hello. Just installed v5.32 and we are still having the same issue. The SSL VPN won't connect. Same log errors as before. 5.30 works fine, 5.31 and 5.32 do not. I saw in the changelog that there was a MAC OS issue with SSL VPN and ports not being identical. Maybe we have something similar. In any case, I have left 5.32…
-
@Zyxel_James What does "except IP address" after the "IP address is considered as high-risk" mean? As for your request, I don't know what the hosting website's URL is. Just pulled the info given from a Whois lookup. Having our user ask their contact now. I'll DM you all the relevant information once I have it. Thanks!
