Zyxel_Stanley  Guru Member

Hi @Emerald The converter will remove all of UTM(security service) setting from configuration, so it will left Interface/ zone settings in converted setting. So you just need to make sure the hardware port amount are the same. e.g. ZyWALL 310 <> USG310 USG FLEX 500 <>ATP500 <>VPN300

Hi @GiuseppeR The issue did not happened in my test environment. Could you enable Zyxel support access and tell me your organization name for me to check? Please go to Help > Support Request > Zyxel support access to enable. :)

It is the same thread as https://community.zyxel.com/en/discussion/14474/sp300e#latest

Hi @PeterUKFor clarify DHCP issue between client and server we need whole of the packets without filtered. (ARP/DHCP/ICMP are required)You may share the packets in this thread or send that to me by private message. :)

Hi @BlueTeam VOIP protocol includes SIP and RTP. SIP protocol is for service control and RTP is for voice audio streaming. So SIP phone must working in both of protocols, then phone call may work correctly. You may have to describe your environment and traffic direction first for further check. a. Is there a PBX server…

Hi @MHCS The converter server could help to migrate configuration from ZyWALL USG1000 to USG1100. The server side is maintaining for more secure connections. It will online again at the week of 23 Sep. :)

Hi @Abbe You may provide your license key of IPSec VPN Client to me by private message first, then I will further check if reactivate the key is acceptable. :)

Hi @DaNetworks If Fritzbox support bridge mode, then ATP100 could configure public IP address. After enabling bridge mode on Fritzbox, it may stop offer DHCP IP address anymore. If Fritzbox doesn't support bridge mode(NAT mode), ATP100 still could establish site to site VPN tunnel behind NAT route. You have to add port…

Hi @PeterUK The packet initialing by firewall itself, the traffic route will follow "default route". As your case, the traffic passed by other interface which type is external. It is because general interface without additional IP routeing except IP segment configured on itself.

Hi @USG_User It is an old artical since Sep 2019, and mentioned version is old. (ZLD4.33) If you are asking upgrade firmware from 4.72WK25 to 4.72WK35. The answer is yes, you can ignore 4.72WK28. Please backup startup-config file when operaing upgrading/downgrading firmware process. :)

Hi @PeterUK There is other interfaces configured as "external type" in your configuration. So the traffic should route to GRE remote gateway(94.173.27.164) was passed through by default route interface (exteral interfaces) but not your ge4. It is because ge4 interface is configured as "General type", so you have to add…

Hi @deltaahmetThanks for your advice for it. :) Astra App is encrypting traffic and forwarding data between smart phone and Astra server for analyzing the usage. It is unable to restrict user to operats(remove/stop App) setting on platform.According to your scenairo is much like "Mobile Device Management" which offering by…

Hi @PeterUK The issue is come from the GRE tunnel interface IP address has overlap to peer IP subnet, so it caused packets stop forwarding. You can assign a virtual IP address for your GRE tunnel(100.100.100.1/24), and add routing for required IP segmenet.

Hi @DanniKoolWhich IP reputation version is working on your device?I'm working on 1.0.0.20220907.0, and database without "Exploits" issue for antispamcloud.com(130.117.251.9) You may try IP reputation on latest version again.If it still exist, please provide the URL and nslookup result that tested from your PC for further…

Hi @PeterUK I guess one of IP address in your screenshot is belonging to device interface address, so it caused duplicate packets in captured result. Can you capture it again and share result to us? If it is accepted, you may send configuration to me by private message for further check. :)