alexey  Ally Member


Last Active


  • [2021-08-04 20:12:46.404] fqdnMODULE_ERR[fqdnObject_process_tcp_dns_data():639] TCP DNS cannot find any matched query node, ret=4!![2021-08-04 20:13:49.356] unpack_message_rr fail ret=-31unpack_message_rr fail ret=-31unpack_message_rr fail ret=-31unpack_message_rr fail ret=-31unpack_message_rr fail ret=-31unpack_message_rr…
  • your forum works like devices...can't attach, qoute, like. Permission Problem You need to enable javascript to do that. On all devices.
  • +1. Today stop works ipsec via USG1100 and USG1000 after reboot of USG1000. Helps change ipsec gw on other ISP. USG1100 on 4.65 fw. We collect debug data via com from 1100 all time. Nothing interesting. It was around 23-45. 
  • Hi. You can do this via plink software. simply create a bat.file, with same content echo y|plink.exe -ssh -l admin -pw Password "exit" - that need for auto accept ssh public key. that command can be missed, if you accept manually piblic key plink.exe -ssh -l admin -pw Password…
  • This happened again today. USG 1100 fw 4.62
  • 1 yes. i correct only 1 ipsec name, that was shown in debug log 2 i don't think so. now device work properly on this config, and i recreate pppoe connection. config files don't have any other diffs. we use git to safe conf file from all our devices every day, so i can see diffs from any day. 3 send file
  • hi. 1 usg 1100 fw 4.62 2 of course it was configured 3 after device reboot it cant load on current config and rollback to lastgood config. pppoe works. after manual change current config (it was wrong name for vpn tunnel) i reapply current config, after that pppoe don't connect and starts records in debug logs. 4 yes. i…
  • Duration in seconds MSSQL daily full backs by windows smb. Size change for hundreds mb every day. 18.12 - 13127 19.12 - 12675 22.12 - 14517 23.12 - 13488 24.12 - 13578 25.12 - 14377 26.12 (after update) - 20433 27-28 - don't finish. 29.12 - 20303. Oracle daily full backs by ftp. 22.12 - 1h 27m with average speed 6 mb/s…
  • Hello. If you need access to other networks via vpn tunnel, you can do this by policy routes. Add as destination remote lan and set next-hop - vpn tunnel. All traffic to this net will goes via vpn.
  • we found solution. device support gave technical requirements to network connections (MTU at least 1400). on vti interface was set 1400. device don't connect. i changed mtu from 1300 to 1500 - nothing i replace vti simple ipsec ike2 tunnel on all default settings. device starts to connect via ipsec. as i see, default mtu…
  • I can't see this packets on device on main site. It don't estabilishe any connection with remote peer, so device on site B don't have any back connections.
  • Here flushed traffic for ipsec protocol. It goes direct to vti tunnel. If i add custom route for this device direct via providers vpn, they work perfectly. They don't work via ipsec.
  • У меня есть идея получше. Надо написать в РКН, что на этих ip-адрес расположены сервера телеграмма. Пускай заблокирует их на территории России. Современные проблемы требуют современных решений.
  • Hi @Zyxel_Stanley All routes are fine. Other devices work normal. On problem device don't work only IPSec service, ntp & dns work properly. I can see connections from this services on main device. We have no direct access to this device so i can't ping destination address ftom it.
На моменте внедрения порядка 2,5 лет назад пытались обращаться в русскую ТП по почте по поводу регулярно падающего ZySH демона на 1100 и 110. Получил полное игнорирование проблем и пришел сюда. Возможно было связано с реорганизацией российского подразделения. Ну а ветки на форуме и в помине не было. Ну а по поводу…