sk8erbender  Ally Member

Cert Cert is 2048 while in ssl settings use 1024 Should I create cert 1024 ?

Guys ! Good news I think I found version for latest Mac os look here! ZyWALL SecuExtender 1.1.9.pkg It works! THough I dont understand why if you go info- about it says 30 days trial license. I thought it's free application. Any info? Also same question about advaced config - how to set up dns suffix? Putting search…

Ok! Found solution myself ( works only on windows os ) Hope someone will find it useful Go to zyxel adapter settings put suffix manually Now everything works as expected . Pity that SecuExtender does not work on latest Mac Os Catalina and have a slow speed 10Mbp's. and no ios/ android support.... Though it's secure and…

So how to configure prefix domain.local for vpn_ssl ? Dont see any option in GUI maybe there is something in terminal ?

Ok! Figured it out. It seems I have dns leak from provider where I connect VPN_SSL. Used dnscrypt and then connected with VPN_SSL ( first setup with 2 dns 192.168.0.36 and 192.168.0.237) works good now. Last problem is. If I go http://test.domain.local ( full name) all good but I cant go http://test without full name .…

Ok Did some tests. Ive put DNS server Zywall IP 192.168.200.1 Ive put test.domain.local 192.168.0.48 in DNS zone Connecting to SSL VPN trying to ping test.domain.local get answer Pinging test.domain.local [127.0.0.200] with 32 bytes of data: Reply from 127.0.0.200: bytes=32 time<1ms TTL=128 Reply from 127.0.0.200: bytes=32…

What exactly steps to join in domain? Does joining to domain come from ATP or to join it I go to active directory - computers- add computer ?

Is your Firewall successfully connected with ad? Does it show up in active directory under computers? I did not join ATP Device to domain.

Also is there going to be improvement over 10 mbs?

So you mean I remove those DNS servers, put DNS server as Zyxel USG and manually add server names that I need to work ? It's good that I dont have many servers to try.. Will tell how it goes.

Sorry if stupid question where do I put it in on ATP500 ? atp500 have no DNs. active directory is dns server and linux server with dns

thanks, gonna use your tool and will tell you how it goes

Yes , Also users on ATP500 internet works for like 10-15 -30 mins then they need to log out from windows log in again .

Yes I followed exactly same guide. All tests get pass both on ATP and AD. But I dont see all users that are currently logged in . in sso agent located on AD.

It's not content filter See in logs IP Reputation Malicious connection:Exploits,BotNets,Phishing,Anonymous Proxies,Mobile Th 23.227.38.32:443 It's the ip reputation