Zyxel_James  Master Member


Last Active
Zyxel Official Agent
Which product type of newsletter you want to receive?
Business and consumer products


  • Hello @SiSZyComm I cannot reproduce this behavior. I have the same user group settings. And create L2TP VPN configure via Quick Setup and then change the Allowed User to l2tpGroupAllowed The result is a sccuess Could you upgrade to the latest firmware version V4.73 and try again? thanks. James
  • Hello @peterUKSince the paragraph has no punctuation, I'm not sure I understand right, please correct me if the steps are wrong. 1. create a Content Filter profile "grc3", enable Custom Service and Check Common Trusted/Forbidden List, add *.grc*.com to Forbidden Web Sites, and apply to LAN1_outgoing >> grc.com is blocked…
  • Hello @SMarkGThe device will automatically detect if the VTI IP/Mask is in conflict with any local subnet. Actually, you can change it to any other IP/Mask as long as it's not in conflict with any local subnet, not change it to the remote subnet. James
  • Hi @alexeyCould you capture the packet and collect the diag-info when this behavior occurs? ( Maintenace > Diagnostic > Controller > Collect Now) James
  • Hello @Thierry2Is it only ICMP traffic that does not respond?Very common is that the destination does not respond to ping. Often Windows servers do filter the ping. Or the local routing table of the ping destination might have conflicting routing rules.Please observe Monitor -> VPN Monitor -> IPsec when pinging and see if…
  • Hello @Thierry2Zyxel does not block ICMP through the VPN tunnel by default, it could be blocked due to your routing policy or security policy, please check if there is any log about it.Moreover, you may refer to this articlehttps://kb.zyxel.com/KB/searchArticle!gwsViewDetail.action?articleOid=012472&lang=EN James
  • Hello @aait We are already aware of this problem, and working on it, we will let you know when there is any progress, thanks. James
  • Hi Christian78 May I know how you test it? and please provide the topology of your network. You may also contact me via private message for further investigation, thanks.
  • Yes, based on my suggestion, the traffic from RemoteAccess_L2TP_Wiz_CLIENT to Any will be limited, which includes to local network, you may adjust the Destination according to your needs.
  • Hello @Christian78Changing priority won't affect the bandwidth. The device gives bandwidth to higher-priority traffic first, until it reaches its configured bandwidth rate, so if there is no other traffic with higher priority, the lower-priority traffic can get the full bandwidth.I suggest changing the outgoing/incoming…
  • Hello @Matt10669Here is some information about the configuration file. startup-config.conf is the current configuration of the device that will be saved after every change. In other words, if you apply yyyy-mm-dd-example.conf, the device will apply yyyy-mm-dd-example.conf first, and then save startup-config.conf as…
  • @TAPTech, could you provide your routing topology with a diagram? and what do you encounter when setting it up on Nebula? thank you. James
  • Hello @TAPTechDo you mean by Policy Routing? Policy Route allows you to route a certain subnet to a specific WAN interface. James
  • Hello @TAPTechNebula mode does not support that binding multiple WAN interfaces in one WAN group. In other words, each WAN Group can only have one WAN (virtual)interface. James
  • Hello TAPTech,One WAN port group only can have one WAN interface binding regardless it is a virtual WAN or not. It means you cannot add a new (Virtual) WAN interface in a WAN group which already bound to another WAN interface. Is it the error message you meet? If not, please provide a screenshot of the error message and…
Default Avatar