USG_User  Master Member

Hi Gerhard, At the first glance it looks similar to mine, including the same Security Policy rules from WAN to ZyWall, from SSLVPN to LAN1 and from LAN1 to SSLVPN. Only one difference … we are not using IPs from the LAN1 subnet also for the SSLVPN clients. For example, our LAN1 subnet is 192.168.21.x and we assign IPs from…

Moin Gerhard, Properly adjusted, there are no problems with RDP over SSL-VPN. In past we used it on an USG110, and this time over an USG Flex 700. If you are not able to solve the problem, taking into account Jeff's hints, please let us know and we go through our config step by step. Gruss aus Rostock

I've done it and it works. Thanks But I'm a little bit concerned that we have to set this threat ID to the allow list since this ID is originally intended for "VLC Media Player RTSP Plugin Stack Buffer-Overflow" and not for ordinary RTSP camera streams.

After further investigation we found a Custom Signature Rule named "Cs" with this ID. But we cannot remember established this custom rule by ourselves: Has anybody an idea whether this has been added automatically by the last FW updates, or what sense such a rule should have? Therein is nothing ticked.

Hi guys, Could you kindly respond whether all in this thread reported issues of the ABWD.0 are gone with 5.36 ABWD.1 patch? Or have the VPN issues only been replaced by other new problems?

Thanks Cooldia, appreciated.

@Zyxel: Is it planned to release a new official update soon? Or should all affected customers ask for the ITS lab version now?

Thanks a lot Agor. Indeed, normally not more than 3 streetworkers are connecting simultaneously to our Flex700.

Has already been turned out which special configuration is responsible for the issue? Our USG Flex 700, configured with 15 SSL VPN Users, is still running fine without problems or permanent reboots, but we are concerned nevertheless.

I guess this is not possible since the different signature update services are fasing out ( https://webservice.zyxel.com/end-of-life ). Reduced technical support is available until 2024 only. We've removed our USG110 and replaced it with USG Flex 700 recently.

We've updated our USG Flex 700 to 5.36 on yesterday and didn't experience any problems until now.

Yes, SecuExtender SSL VPN 4.0.4.0 is still valid and is working properly here with us on Windows 10/11 clients when connecting to our USG Flex 700.

The problem is that it will reappear again and again on each MS patchday since the .NET or Windows desktop runtimes change its release numbers (and connected hash values) very often. It is no solution to let the user adding any hash values to the "allow list" subsequently every time. We encountered this behaviour also for…

Thanks Jeff, appreciate your good support Was it a little "glitch" only, or could you find a bug in FW? For the moment it works fine and the PW change notification screen doesn't appear anymore. I would come through again in case this behaviour reappears.

Hi Jeff, Today the error reappears again. When logging-in the Password Change Notification window is presented. Therein I set the combo box "Please remind me:" to "never" and clicked OK. Then shortly a small CLI error window appears which disappears after 1 second automatically. That means that switching to "never" failed.…