mm_bret  Ally Member

Update.I updated the firmware on one of my backup USG 1000 devices to: 330AQV7ITS-WK48-r74988.bin The device behaved great, and allowed me to connect to it from my Firefox browser without and TLSversion issues. HOWEVER the following problem presents itselfafter updating I see the attached error dialog when saving…

mMontana,Great comments and info. These USG 1000 devices are all over our infrastructure. We recently added a gb fiberconnection, and I soon found out the old girl may not keep up. We can only get about 350mbout of ours. I'll probably run the update on a backup USG 1000 to see how it effects any services. Funny, I still…

Not sure I understand. PeterUK, are you saying there is a firmware update?..seems as though you are ..mMontanaWe use advanced features and high numbers of vpns, l2tp vpns as allowed by this device. Unfortunate, since a new TLS protocol update is probably a small detail for a firmware update. We'll see...we have a new…

PeterUK,You have given me an answer to this problem. At this point the logs are littered with red log alertrejections. Excellent work!! It has been my understanding that firewall rules TO Zywall was to control access to the USG for configuration; gui interface etc. for specific ip addresses and services like https etc.…

In response to Zyxel_JamesWe have a rule which disables https to the Zyxel from WAN.

We have App Patrol disabled. I've played with this further:1. Limiting the firewall rule to WAN as the source2. Replacing the group of hacker ranges to a single range of ip addresses. It doesn't work. Also doesn't seem like we should be doing the experimenting. Regardless of age, this device should identify these address…

They have the newest firmware. We'll try some re-configuring, maybe break the deny rules into smaller sets of ip addresses. Standard duty for a firewall of this class. A bit surprised. Really appreciate the dialog.Bret

PeterUK, Thanks for taking a look.

Peter,I have a managed switch..so I'll investigate that option.Regarding the ip/mac binding, I was playing with that on a local USG 1000 in my office, and locked myself out of the router. Luckily I had backed up my startup-config and recovered nicely..However I couldn't figure out how to block in the firewall.Should I…

Thanks for jumping in. We currently have site to site tunnels from our San Jose data center to all our retail showrooms and the Chicago data center. But what I want to do is to still have our outside sales staff connect to the San Jose data center, but route specific RDP requests to the Chicago data center. (which we have…

Jerry, My current firmware version. 3.30(AQV.7) / 1.14 / 2015-01-14 21:13:57 I don't use dropbox. Is the one you are sending newer?

So in front of your router you get 200? You have l2tp_vpns, ssl or other vpns? We have loaded up USG 1000 devices and loads of vpns, both l2tp and IPSEC. Off our 20mb fiber provider, we always get 20 (I know these days, it's nothing), but the USG 1000 is killin it. I have a USG 100 in one of our showrooms, I'll check…