e_mano_e  Freshman Member

This vulnerability mainly affects only systems where WAN access to the administrative web interface is enabled, right? If WAN access is disabled, there is not much risk to my firewall for now, right? I'm just asking to make sure how fast I have to apply the firmware patch.

@Zyxel_Jeff: Thanks, but this will reject VPN traffic from USA only. And I do not want to add 100 countries to the GeoIP-Group. Will it also work if I create a GeoIP-Group with 3 or 4 countries that are allowed and then create the same policy rule with "Action=allow". When the policy rule explicitely allows VPN traffic for…

@Fred_77 Sounds good. But where do I find the white list?

@Zyxel_Dick your explanation would be a great addition for the Zyxel Web Online Help.

@Langaber Client-to-site. @mMontana hat schon Recht. Mein genannter Link/die PDF erklärt site-to-site. Ich hatte das dann wohl abgewandelt bei der Konfiguration. In der ATP Konfiguration ist "Remote Access (Server Role)" die richtige Einstellung. 

Es gibt auf der Shrewsoft Website eine Anleitung. Die ist zwar in Bezug auf eine USG, passt aber auch für die ATP. Mit Hilfe der Anleitung habe ich Shrewsoft zum Laufen gebracht. Hier der Link: https://www.shrew.net/support/Howto_ZywallUsg


Is CES part of the ATP100 license? Or do I have to purchase CES as a separate license? Jens

That's exactly the same for me but I wanted to configure some custom spam lists for incoming emails. Thanks so far. Jens

Oh, I never thought about this in detail. But than the Email Security feature of the ATP is completely unuseable. Or am I wrong? All email traffic should always be done using a SSL/TLS encrypted way. Jens

I just read in the Zyxel Online Web Help the following: The Zyxel Device’s email security feature checks SMTP (TCP port 25) and POP3 (TCP port 110) emails by default. You can also specify custom SMTP and POP3 ports for the Zyxel Device to check. My Mailserver is configured to use POP3 on port 995. That should be reason why…

It would also be helpful if the port names were shown everywhere where ports are configured. E.g. "Configuration - Port - EEE" and "Configuration - Port - PoE" and "Configuration - QoS - General"

Hi! Can you please share the PDF download link? Jens

@Michael_I Is the timeout problem fixed now?


I currently don't remember. I think I just downloaded and installed V4.50 over V4.55 but I'm not really sure currently. It could also be possible that I've done a factory reset. However, V4.50 works without problems, and since Zyxel has said they are working on this problem, I will not try V4.55 again. Instead, I will…

Hi I already reported this in early June here in this forum just after updating firmware to V4.55. (I'm using an ATP100.) I also contacted Zyxel support but they told me that this is not a general problem. I reverted back to firmware V4.50 and since then I've never seen a timeout again. Currently I do not have time to try…