Zyxel_Stanley 
Guru Member
Comments
-
Hi @CopierInnGroup23 Wellcome to Zyxel community. When creating a VLAN interface, the base port setting is automatically filled as the first Ethernet port. You can make suer your VLAN base port setting matches your physical connection.
-
Hi @EvanYamasaki I recommend upgrading your USG100 and USG20 to the latest version, V3.30P9 (WK48). Additionally, enable both the Nail-up and Connectivity check features in the "VPN Connection" setting to automatically recover VPN tunnels and prevent unavailable connection again.
-
Hi @Peppino You can backup your configuration first. And have a try to upload firmware to "firmware2" folder by FTP connection. If it still have problem, then it have to check the issue direclty by remote access session. You can drop private message to me if you need further help on it. :)
-
Hi @PaoloFracas You can have a try to use IP 0.0.0.0 address object as "local policy" in phase2 setting.
-
Hi @mMontana We need your help to arrange remote HTTPS conenction for further check this issue. If it is possible, please forward it by private message to me. :)
-
Hi @PavelCh The previous issue seems come from wrong character in configuration. How about share your configuration for further check? and also let us know which IP/MAC rule with the problem. :)
-
Hi @spectra Thanks for your advice, SSO we will consider it to add into FLEX/ATP in the future. :)
-
Hi @GFH USG20 support SSL/L2TP VPN or Site to Site VPN. SSL and L2TP VPN are belonging to client to site VPN. You can use SecuExtender or Windows Native client to steup VPN tunnel. You may refer to FAQ for L2TP VPN and SSL VPN to setup VPN tunnel. Site to Site VPN tunnel is for the other VPN gateway or IPSecVPN Client. You…
-
Hi @imranhashmi127 If the issue resolved after upgrading Frida version, then issue may not caused by firewall. Since there are too many resources on server, it may include lot of unsecured data. For security reason do not install untrusated App from non-certified website. :)
-
Hi @mMontana The symptom doesn't happen in my test result. I will send you private message for further check. :)
-
Hi @Gaudia You can make sure your (default)firewall rule already allowed traffic from "VPN zone" to "Intranet". You may have a test ICMP for make sure there is no VPN routing issue first. And also, make sure Ignore "Don't Fragment" setting in IPv4 header is enabled, and your PC firewall allows the traffic.
-
Hi @PeterUK Without WILDCARD FQDN: Allowing port 53 and 443 from LAN to WAN. --> Allowing port 53 & 443 traffic from LAN to WAN and without any limitation. With WILDCARD FQDN: Allowing port 53 and only WILDCARD FQDN for port 443 from LAN to WAN --> Allowing port 53 & 443 traffic from LAN to specifc IP addresses but blocks…
-
Hi @mMontana This symptom fixed in ZLD5.32 firmware. Please have a try to upgrade to latest version and check if it is helpful.
-
Hi @TAPTech Nebula IKEv2 with remote access VPN tunnel only support for IPSec VPN Client. It doesn't support for Windows native client. Please consider to build IKEv2 VPN by IPSec VPN Client or change tunnel type as L2TP VPN on server side. :)
-
Hi @PeterUK If the old IP address used by attacker, and whom known public IP address, then it may attack your PC from Internet. (it is because the NAT session table still exist on firewall)
