PeterUK

Yes depending on how you use it to make rules or make your own zone

in Configure bridge interface Comment by PeterUK 5:13PM

Are the interfaces you need to then create bridge set to unassigned?

in Configure bridge interface Comment by PeterUK 4:35PM

that why you do routing incoming any destination 192.168.255.64/28 next hop VPN tunnel so that the NAT rule for 192.168.255.66 routes down the tunnel

in Network/NAT Comment by PeterUK November 20

All I can tell you is use tcping64.exe and keep trying https://download.elifulkerson.com/files/tcping/0.39/x64/

in ROUTING Comment by PeterUK November 20

Did you click to stop the capture ?

in ROUTING Comment by PeterUK November 20

Was able to do that here Connecting client for port 5126 > WANIP Zywall 110 > site to site > USG40 > host for port 5126 Zywall 110 LAN2 192.168.138.0/28 site to site local policy 192.168.138.0/28 remote policy 192.168.255.64/28 NAT incoming WAN external IP WAN internal IP 192.168.255.66 port 5126 Routing incoming tunnel…

in Network/NAT Comment by PeterUK November 19

I would think the Asus has a driver issue for the NIC try new ones Communications Network ICs-通訊網路 ICs or try disable ARP offload and see if that helps Also there are two driver types NDIS and NetAdapterCx

in GS1900 tagged VLAN nodes drop off after 5 minutes Comment by PeterUK November 19

I have the SSL VPN working fine on FLEX200H Maybe the pool IP is conflicting?

in SSL VPN working on FLEX 100H? Comment by PeterUK November 19

I'm not sure why you can't loopback then sorry You can do a packet capture on the interface DMZ as you try connecting to it by WAN IP from LAN to see if its getting to the NAS

in ROUTING Comment by PeterUK November 19

Does your ATP get the WAN IP's not rfc1918 IP's?

in ROUTING Comment by PeterUK November 18

the option for NetBIOS broadcast over SSL VPN Tunnel is not available on H models USG FLEX H series support NetBIOS broadcast over SSL VPN tunnel function — Zyxel Community

in hostname Comment by PeterUK November 18

Well they have not got back to me but their is one good new which is Real DMZ type 3 I found many months back before 2.1 but the down side to type 3 is it needs more hardware to do. so I hope type 3 stays working or who knows type 2.1 might work again or even original Real DMZ type 1

in Real DMZ type 2.1 broken in V1.3 Comment by PeterUK November 18

You may also need policy rules on each to allow the traffic check your logs for blocked traffic

in Site2Site VPN and IKEv2 VPN - No Route to Remote Site Comment by PeterUK November 18

One way to look at this is whats the difference between two rules each with Address group of 64 vs one rule with Address group of 128 ?

in 64 object limit for IP group Comment by PeterUK November 18

looks like you need routeing rules HQ incoming tunnel VPN of IKEv2 for clients destination 172.17.0.0/16 next hop VPN Tunnel Site2Site External Site incoming any destination 192.168.10.10 to 192.168.10.100 next hop VPN Tunnel Site2Site

in Site2Site VPN and IKEv2 VPN - No Route to Remote Site Comment by PeterUK November 18

PeterUK Guru Member

Comments