Best Of
Re: NSG50: L2TP VPN connections
Have you check L2TP pool size? If it's /32 then sure it can only allow one connection.
ivers
Re: Group of IP addresses
Hi @cpg_juraj
Here is the example to group IP address
Go to Configuration > Object > Address >Address > click Add
Add two IP range into the rule
After added in to the rule, go to Configuration > Object > Address > Address Group > click Add
Select previous IP range to group the member.
Then can select the group IP address as destination in Firewall Rule
Re: Group of IP addresses
Hi @cpg_juraj
Yes, you can create the rule to block the source IP address.
Re: USG60 Initial Setup Wizard - Port Forwarding does not work V4.35(AAKY.3) / 2020-02-26 17:00:28
Hi @Romank
Welcome to Zyxel community
Can you share what interface name are you current using?
Is there any specific character in it?
Re: Connection site to site with peer dynamic
Hi @delescja
Welcome to Zyxel community
Is this your topology below?
Is there any additional policy route on both USG20 and USG40 ?
Or there is any Security Policy rule blocked the traffic from the HQ site to home?
Can you have a check on the HQ site log if there is any blocked message on it when access from the other site?
Re: vpn client and nat server
Welcome to Zyxel community
Is this your topology below?
IPSec VPN client need to join the AD domain and get the IP address the same as subnet 192.168.200.X?
Re: Tunnel Up Time in Nebula Vpn Hub-And-Spoke
Hi @Nertibus
Welcome to the Nebula community!!😊
The tunnel uptime is related to phase 2 rekey lifetime and the default setting is 86400 seconds, when it 's rekey the traffic should still pass-through should not have the service impact may I know if you have encountered any issue?
Re: Zyxel Firewalls - Urgent need of other 2FA methods! via Authentificator apps / Yubikey..?
Thank for your suggestion.
This request is already in idea section, we'll evaluate the possibility of enhancement.
Re: Match default rule, DNAT Packet, DROP
Hi @Hoygen83
In the default Policy Control rule do not allow telnet to access device.
Go to Configuration > Object > Service > Service Group > select Default_Allow_WAN_TO_ZyWALL >click Edit
Add TELNET into Default_Allow_WAN_TO_ZyWALL group
Then you can telnet to access device.
Re: USG 40 - Extension for SSL VPN
Hi @kaika313
Yes, the License Code to extend 10 SSL VPN user for USG40 is LIC-SSL-ZZ0016F,
Here is the reference of USG40 specification.
https://www.zyxel.com/tw/zh/products_services/Unified-Security-Gateway-USG40-40W-60-60W/comparison