itxnc 
Ally Member
Comments
-
Reboot of the router didn't help. Still getting blocked by the 2nd rule, even though the first rule is active and logs normal traffic for the machines in question.
-
I'll check for double NAT. Site has been in bridge mode forever, but Spectrum likes to randomly reset back to router mode. I can confirm the DNS profiles were applied to both the WAN and Zywall rules. The thing that's so weird is the logs show the block is happening from the 2nd rule, not the first, but when I turn logging…
-
Yes - there are two separate Content Filter profiles - one for each rule. There is no DNS bypass - this is a Microsoft AD environment. They all use the domain servers for DNS (forwarded to the FLEX) We try to include the canaries/GPO for disabling DNS over HTTPS, but if they were using DNS over HTTPS, you would expect them…
-
So, you made a full bypass. Try this. Make rule one block, say, porn and residential IPs. Make rule two block porn, residential IPs, and online shopping. Now go to an online shopping site with a machine that should use the first rule/filter. Here's another weird thing. One site we're messing with is www.jlindeberg.com In…
-
Yeah my excitement may have been premature. I just assumed I'd see SOME data in the stat screens, but everything is empty. I figured maybe it needed 24 hours to gather information before displaying. But you are right - all I see is the uptime. That's disappointing. I'm not asking for realtime traffic stats, but the basic…
-
We tried to reinstall, no luck. Checked the security panel in MacOS and didn't see where it was being blocked. We migrated them over to the new IPSec client w/IKEv2 for now (all the other users with this client are Windows). But if we get another Mac user. we'll try the steps in that article. Thanks!
-
This isn't with the IPSec client. It's with the SSL VPN SecuExtender. Worked great until 13.4.1. Now we get this error. We're trying to convert them over to the Mac IPSec client now.
-
We just started seeing this same problem on Ventura 13.4 and 13.4.1 Do we need to wait for an Apple fix or is this something Zyxel is looking into? Or will we just need to finally move to the Zero Trust VPN or macOS?
-
Checked one of our ATP500s and it looks current on the new 5.36.1 firmware so far
-
Just curious - why would you downgrade before the upgrade. I know that gets you cloud update - but you can manually upload to go right from the lab firmware version. Wonder if that had an impact…
-
I was skeptical reading the marketing speak about this - but I'm honestly VERY excited about this product. We've deployed Zyxel USG (and now FLEX/ATP) gateways to business clients for years and they love them (as do we). We don't manage them via Nebula because it limits so much in terms of configurability of a USG/FLEX/ATP…
-
We're seeing the same thing on ATP and Flex w/Gold
-
Just to give everyone an update - best we can tell this was/is some weird issue on the ISP backend? They supposedly had techs check out the backend equipment when they "saw metrics that concerned them", but never heard one way or another. The problem seemed to dissipate. However, it does still happen, just now it's…
-
So… this was new (tried to SSH into the router with Putty) CLI via browser worked fine, but this was unexpected… We're on the 2023 WK06 firmware
-
We will definitely do this. It's possible this was a weird provisioning or headnode issue. After a 2 hour call with the ISP apparently they saw some issues with the headnode metrics/signals so they're sending a tech out to check things on the 'other end' So right now the connection is stable for the first time in days, but…
