Comments
-
@Zyxel_Melen I will PM you next week, after local business hours when I set this up in the office. I need to switch back to 5.39(arb.1) partition, and will change IP address back to address that was attacked so existing BOTNET does not communicate over new Public IP. After you view BOTNET malicious traffic, I plan to…
-
@Zyxel_Melen Just to clarify, are you asking for remote access? I don’t want to switch to 5.39(arb.1) partition due to all the malicious traffic that caused us huge issues, including having ISP change Public IP address due to the continuous attack on previous IP address. I could take router offline and move to my LAN as…
-
@valerio_vanni Thanks for clarification on Port 443. I also discovered today a Factory RESET only purges Active firmware partition. I updated 5.38 Partition to 5.39(arb.1) and when I rebooted to the new firmware, I witnessed the same malicious traffic, so I aborted and switched back to 5.39(arb.0) until I can Factory RESET…
-
@Zyxel_Melen Thanks for information.! However I have images of unknown traffic being sent out as VPN Traffic after attempting Factory RESET 25 seconds, and rebuilding configuration: Unknow VPN Traffic Example of TX Data before OFFICE Opened Unknown traffic has disappeared after 35 Second Factory Reset. Is it possible…
-
@smb_corp_user Thanks for your comments! I hope someone benefits from my loss of many hours rebuilding twice, to eliminate the hidden VPN BOT, installed by hacker.
-
@Zyxel_Melen Thank you, I will look for it. Once I connect with RDp after reboot, I can stay connected but the traffic is so overwhelming, I have to run over the office and reboot both the router and modem, to return Internet access (last between 1.5 and 3 hours). I appreciate the assistance! It’s like factory reset didn’t…
-
@Zyxel_Melen Thanks for the question. I took the router completely offline and updated offsite in my home office with no Internet. I uploaded 5.39 and performed factory reset (reset button about 15 seconds or longer took a while). While keeping WAN unconnected I changed my password, and started rebuilding configuration…
-
@Zyxel_Jeff I notice My personal USG20W-VPN did not have "Wiz_HTTP_Not_Restrict_0" in "Policy Control" after upgrading to USG FLEX 50W firmware last year (as found in new unit I'm setting up). I also have been receiving notice: "Warning: You have a rule that allows anyone from the Internet to access the web mgmt. interface…
-
II called Tech Support, and the answer was to Disable: "Wiz_HTTP_Not_Restrict_0" to Prevent WAN Access in Configuration>Security Policy> Policy Control: Another issue I was having is inability to login into Web Configurator from a Windows 10 machine. I will post result of that finding under a different subject, because…
-
@Zyxel_Stanley Well that really simplifies things, if I can jump directly from 4.25 to 5.35! I always backup confirigurations to a PC before flashing. This is a huge time saver! »You can backup confoguration to your PC first, and apply configuration again after Firewall upgrading firmware completely.« I assume once I…
-
I have also read the following: The latest upgrade says "If the firewall running with previous version then ZLD5.00, we recommended upgrade to ZLD5.10 C0 or later version to Standby partition first before upgrading to ZLD5.31" I jumped to 5.31 in Standby direct from 4.65, because I never saw this prior. When switching to…
-
@Zyxel_Stanley Sent you PM. I have since updated Standby firmware from 5.31 to V5.35(ABAR.0) and testeing WiFi-Calling (the Version I'm running). WiFi calling appears to be working much better! I had to stay on V4.65 since WiFi calling would not work on V5.31. I don't see Port 4500 being blocked. Will keep an eye on logs!
-
@Zyxel_Stanley Will try and schedule this middle of next week, and I will call forward my cell phone to my Voip Line.
-
@Zyxel_Stanley I just saw your PM, I've been backed up with my schedule, sorry for delayed response. I did send a PM back to you to coordinate.
-
@PeterUK Thanks for feedback, I will look into your post for further detail. The destination port number isn't always the same. I haven't had much time to deal with this, but I appreciate your feedback on this topic.