The firmware WK19 has patched vulnerability in hotspot function.
If your device doesn’t enable hotspot function, then it is immune on your device.
There are 2 ways can
fulfill your requirement.
(1) Port forwarding.
can add NAT rule and mapping to internal AP IP address.
SNMP server have to support using different ports.
If SNMP server
support for VPN connection.
Then you can
establish Site-to-Site VPN tunnel with USG and query all of devices those
will check network healthy between client and server.
connection is dead, then SSL VPN tunnel will disconnect automatically.
At currently there
is no auto-reconnect mechanism.
I will add it as
You can go to
Download Library and search model to find USG100 firmware.
In the log it mentioned
“fail to change default outing”.
You can go to check adapter
status on your PC if “TAP-Windows Adapter V9 for Zyxel SecuExtender” interface
App Patrol function, there are some well-known VPN software are defined as
“tunneling and proxy services” category.
can block VPN software by this category.
to Configuration > Object > Application > And click “Add” button to
create a APP Patrol object and add “tunneling and proxy services” as member.
to Configuration > UTM profile > APP Patrol > Click “Add” button to
add a APP Patrol object. And select object which we added before.
Go to Configuration > Security policy > Policy control > Click Add
button to block it by APP Patrol rule.
blocking the VPN ports.
can group the ports as an object, and block the traffic from LAN to WAN.
these steps is able block almost VPN software traffic from LAN to WAN.
performance will different when testing by different PC.(if PC performance is
better, the result will be better)
280Mbps is very close to test result.
in multi-sessions scenario, the total performance will higher than it.
You can setup policy
route for this scenario:
address, Destination: any, NextHop: WAN2
Source: LAN subnet address, Destination: any. NextHop: WAN1