itxnc  Ally Member

I don't think you can migrate self signed from one device to another - you'd have to create new certificates for the new firewall...

Check this thread: https://community.zyxel.com/en/discussion/9846/advanced-threat-protection-tab-hung-cpu-spike#latest There was a bad App Patrol signature causing the Web GUI to hang up. Forcing an update of the signature fixed the problem.. 

AWESOME - thank y'all for such quick response. Fixed the CPU hog issue AND I can get back into the ATP tab. Excellent!

We've been trying to test out the custom page, but the logo image is always broken. The URL it's going to is the external IP of the router instead of the internal one. Since Port 80 is blocked external... And the color styles don't work either (because the CSS link does the same thing) Do we have to create some weird…

We've seen the SHARE thing once or twice with our clients. Always goes away on boot. The version issue was due to Zyxel pulling 4.60 right after it got released to fix a critical security issue. When the Patch 1 version came out it seemed to hit the download servers before showing up in the cloud query.

Must be the fast forwarding or something changed by 4.38. Ran a diff between 4.60 and 4.38 (couldn't find 4.36 to download) and the only changes were to some default WLAN parameters, removal of des cipher/TLS1, changes to the default Content Filter profiles (which are disabled by default anyway), and some setup for…

Excellent - was looking in the wrong 2FA tab. Thank you!

Will be well worth the wait for the custom block page: [ENHANCEMENT] Support customized block page of Content Filtering and URL Threat Filter at Notification > Response Message And this!! 10. [ENHANCEMENT] Support Google Authenticator two-factor authentication for administrator access. UPDATE: Where is it? Only options are…

Going to bounce this for some more attention as well. Having 2FA is *great*, but the requirement of an active Internet connection is... a problem. Currently we lock down the Admin GUI with 2FA and leave the local SSH access without it. So if we have to get into a router, we SSH in, turn GUI 2FA off, and get into the…

That's what I figured - but just wanted to make sure. Thanks!

First, you need to setup the Email to SMS Integration on ClickSend and make sure the email address SENDING the message from the Zyxel gateway (configure in Notification -> Mail Server tab) is listed: Add it under Manage Allowed Addresses (the sending address listed in the Mail Server tab on the Zyxel) On the Zyxel side,…

So in an Active/Passive scenario where you kill connections on fail back, is there any difference between Spill-over and least load?

Suspect it was a lingering connection. I had not checked the 'Disconnect Connections Before Falling Back' I also had used the wrong algorithm. Initially we'd used a cellular modem- which the KB says to use Weighted Round Robin for:…

Correct - the extension LAN is sort of a 'shim' network but you'll have direct access to the LAN as long as the SSLVPN to any (or LAN1) default firewall rule is still there. LAN1 will route to 192.168.200.x automagically. No routes needed. And if your tunnel is a split tunnel, you create a LAN1 -> SSLVPN firewall rule…

Namecheap 1Yr certificates are super cheap and work great on Zyxel routers. < $10/year. But you can also just take HTTPS out of the WAN to Zywall service group if you don't use remote admin or SSL VPN.