USG 4.33 Firmware Available - Experiences?

PeterUK

itxnc said:

Ah that's an interesting change... That's actually better for us - we often squelch upload bandwidth for clients with small upload pipes to leave headroom for ACKs. Honestly didn't think they were ever in the BWM chain so w/4.25 for us - there was actually no point leaving the headroom. Now it makes more sense. But can see how it would affect what you're trying to do with BWM. Seems like they could make it a toggle...

Its worse for people who have low upload bandwidth as when you upload and download at the same time what should be your Egress limit goes over and hits your ISP non QoS limit and buffers everything.

Zyxel_Charlie said:
@PeterUK
Regarding to the case of BWM,
we will enhance this feature on further release, and the schedule will be around Q4.

Ok look forward to that 

itxnc

Charlie - we went from 4.32 to 4.33 in this case. 

Have a couple more routers that auto-flashed 4.33 but reverted to running 4.32. Still digging into those. As for the router I originally posted about - it's a fairly big client so will take a bit to setup a factory reset and restore. Want to dig through the USB logs some to see if there's some config option causing grief before we do that. Will post what we find...

AntonioX

My ZyWall 110 autoupgraded from 4.32 to 4.33 few days ago.


I can reach the web interface from external and from internal.
From internal, I can surf on the internet.

I can't access our servers from external :-(  

NAT and policy control rules are OK.

I reinstalled the old USG300 and everything went back in place.

Any clues? I flashed firmware again, reloaded the "previous" configuration but nothing changed.

Zyxel_Charlie

@AntonioX
As I checked case of Port forwarding with firmware 4.33 version locally(RDP and FTP case), and it is working fine.
Can you try to disable the firewall and check it again?
I will private message you later for more details.
Charlie

AntonioX

Hello, Charlie.

I did it but nothing changes :-( 

AntonioX

I connected my old USG 300. I can reach our servers from external.
Then, I connected my old USG 100. I can reach our servers from external too.

I connected the backup USG 210 (last firmware), configured it from scratch and... no, I can't reach our servers from external :-(  

The setup is very simple:

A ) NAT rule: Virtual server / incoming - WAN1 / External IP - WAN interface IP / Internal IP - the IP of the internal server / Port mapping HTTPS - HTTPS

B ) Policy control rule: From - WAN / To - LAN1 / Source - any / Destination - the internal server / Service - HTTPS / user - any / schedule - none / action - allow / log / no licenses are active

(enabling/disabling Policy control has no effects)


If I try to access from external (https://my_public_IP), I get ERR_CONNECTION_REFUSED but, in the Monitor --> LOG --> view log page, I don't see anything.


I'm going mad  

What about a factory reset? 

iSpeed

I would factory reset personally.  Get it on 4.33, factory reset, and then reprogram.

PeterUK

Can the internal server connect to the internet fine?

If you do a packet capture on WAN do you see the incoming traffic to 443

To get Port mapping HTTPS – HTTPS did you change the GUI port?

AntonioX

PeterUK said:

Can the internal server connect to the internet fine?

Yes.

If you do a  packet capture on WAN do you see the incoming traffic to 443

I'll check, thank you

To get Port mapping HTTPS – HTTPS did you change the GUI port?

Yes, it is on 443XX

AntonioX

iSpeed said:

I would factory reset personally.  Get it on 4.33, factory reset, and then reprogram.

:-( I'll do