alexey  Master Member

After reset to default config i can access to device. After i restore config again - i can't access to device. And why device not permit ping? Router> show interface all No. Name Status IP Address Mask IP Assignment1 vpn1 Down 192.168.78.100 255.255.255.0 Static 2 vpn2 Down 10.0.0.78 255.255.255.0 Static 3 local 1000M/Full…

I think the issue in your engineers, that can't do its work good. I will update problem device on weekend to this patch. So you have a 1-2 week to did new FW and come up with an new idea.

I wrote, that i disabled FW via console port and it not helped🙉. ZW device can't ping other LAN devices with message ping: sendmsg: Operation not permitted What this mean? That you broke another time your devices with new FW?

Don't helped. S - Stability, that on any FW Zywall crashed

@Zyxel_Jeff After update ATP800 to P2, all usg1000 tunnels up. Later on this week try some times reboot device and watch result Don't up 2 FLEX50W tunnels. Flex on P2 FW too. In logs error about duplicate ip adress, that problem in this thread Send new diag and IKE syslog from both devices to PM.

Its very strange. Last error was at 8-20 [2023-06-05 08:20:09.776] unpack_message_rr fail ret=-31unpack_message_rr fail ret=-31 After that next message after 2,5 hours [2023-06-05 10:55:31.026] OCTEON eMMC stage 1 bootloader [2023-06-05 10:55:34.822] Success. [2023-06-05 10:55:34.822] Branching to stage 2 at:…

The ipsec don't work with ZW 1000 too, that don't affected to last buffer overflow issue. Sand diag info to PM

@Zyxel_Cooldia @Zyxel_Adam @Zyxel_Andrew @Zyxel_Bella @Zyxel_Chris punch your stupid devs Same issue on ATP800 with last patch. Device hang. After restart half ipsec vpn tunnels don't up. Debug log.

Send access to PM

Not help. I disable CC on ge2 & 3 interface show connectivity-check status Interface Status Fail Count cellular1 Ok 0 vti1 Ok 0 vti3 Failed 2 vti4 Ok 0 vti0 Ok 0 vti2 Ok 0 vti5 Ok 0 VTI interface, that build via this interface ge2 in failed status. Also change error message Possible ARP spoofing attack on IP 10.0.1.64.

My bad. I forgot that CC can be enabled on internal interfaces, and it status not displayed via show interface command. I disabled CC on interfaces and still wait new error messages.

We don't use Nebula features.

Symptoms: after long time ipsec stops working. Help only change Authentication method on both side. If it was certificate, than change on preshared key, or vice versa.

Welcome to "Dissappointed Zyxel customers club"🤝

The problem on same device and diff interface. Message from syslog server: src="0.0.0.0:0" dst="0.0.0.0:0" msg="An ip address conflict is detected. bc:99:11:a7:7e:d3 and bc:99:11:a7:7e:d0 share the same IP address 10.0.1.64" note="" user="unknown" devID="d8ece5c45727" cat="System" show interface all 1 ge1 Inactive 0.0.0.0…