Best Of
Re: How do I make the SSL VPN work with the Security Policy Enabled
Had same problem. Fixed with:
Configuration => Object => Service => Service Group need to add to group Default_Allow_WAN_To_ZyWALL new member - HTTPS
Configuration => Object => Service => Service Group need to add to group Default_Allow_WAN_To_ZyWALL new member - HTTPS
Olegaas
5
Re: USG20-VPN email setup
Have you verified that your SMTP/POP/IMAP ports are open (depending on which ports you need)?
https://www.yougetsignal.com/tools/open-ports/
https://www.yougetsignal.com/tools/open-ports/
Re: NSW100-10P not showing online on the Portal
Hi @Draegan ,
I will PM you later for the latest firmware and the upgrade steps.
Please check your Forum Inbox.
Thanks.
I will PM you later for the latest firmware and the upgrade steps.
Please check your Forum Inbox.
Thanks.
Re: USG60 - SessionMonitor failed
@SDZP
As I checked it locally, the device is working fine, therefore can you private message the configuration for check further?
Charlie
As I checked it locally, the device is working fine, therefore can you private message the configuration for check further?
Charlie
Re: SNMP Management
@Nebula_Chris: could you please let us know the result of the eITS discussion here afterwards. The SNMP details would be also relevant to us ...
Re: Multi SSID
Hi @JKoppen,
Thanks.
The maximum SSID number is 8 for each site, so if you need two kinds of SSID configurations (4 SSIDs and 6 SSIDs) for different AP group, I recommend to split the APs in 2 sites according to the SSIDs.
Thanks.
Re: ZYXEL UAG 2100 CVE VULNERABILITY
Hi @caronte
4.18 firmware is not using the affected apache version. So UAG2100 is immune from CVE-2011-3192
Regarding to CVE-2014-5329, it seems not be published in detail, we'd like to learn how did you get this information and what's the CVE content?
4.18 firmware is not using the affected apache version. So UAG2100 is immune from CVE-2011-3192
Regarding to CVE-2014-5329, it seems not be published in detail, we'd like to learn how did you get this information and what's the CVE content?
Re: USG110 Inter VLAN routing (router on a stick)
Just a detail:
Disable DHCP option in the base interface.
Disable DHCP option in the base interface.
Re: USG110 Inter VLAN routing (router on a stick)
That's just different term between Zyxel & Cisco but the same meaning.you DO NOT create a virtual interface (sub interface) on the USG110. You only create the VLANs on the USG110 and the switches.
Zyxel - virtual interface, a sub interface with secondary IP on the based interface
Basically, here the concept on Zyxel firewall ports, interface, vlan interface
1. First, to define the physical ports as a group to bind with an ip interface
Go to GUI, Network > Interface > Port Role page
In this example,
Port 3, 4, 5 binds to lan1 ip interface
Port 6, 7 binds to lan2 ip interface
2. Create vlan interface on top of the based interface
Go to GUI, Network > Interface > VLAN page
(1)Interface Type:
recommend you select "internal" type, it's like inside interface of ASA.
You can can configure DHCP server on this type of interface.
Also, the router will auto doing dynamic PAT for traffic from internal type interface(inside) to external type interface(outside)
(2)Interface Name:
It limit the name need to use "vlan" as prefix and following digit 0-4094, usually I configure it same as the vlan id for easy understand.
(3)Zone:
Zyxel firewall is a zone based firewall. This is the binding zone of this vlan inerface
There a default firewall rule allow zone:LAN1 to zone:any. So you can select LAN1 first then change it later as you want.
(4)Base Port:
This term might be a little bit confuse. It's means binds with the ports that binding on this base interface. (That configure in the first step)
Or you can think it the subinterface with vlan id of base interface.
(5)VLAN ID
The traffic send out from this vlan interface will tagged with this vlan id.
Also the incoming traffic tagged with this vlan id will routing/filtering by this vlan interface.
The base interface will routing/filtering the untagged traffic in & out.
So in your case, about the firewall settings.
First, at least 2 ports bind to lan1 interface as VLAN trunk port to connect 2 GS1920 switch.
Second, create 6 vlan interfaces for each VLAN
Re: VLans on Zyxel GS3700-24 (Firmware V4.30(AAFY.1))
Hi @Webix
Welcome to the Zyxel community!
Based on your description, you should also configure corresponding PVID for the ports connecting to PCs, and do remember to set as untagged-out.
Hope it helps.
Zyxel_Lucious
Welcome to the Zyxel community!
Based on your description, you should also configure corresponding PVID for the ports connecting to PCs, and do remember to set as untagged-out.
Hope it helps.
Zyxel_Lucious
