dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
3082
share rss forum feed

posthaste

join:2001-05-20
Champaign, IL

USG 200 Invalid Certificate with Web Interface

I'm getting hit with an Invalid Certificate when accessing the USG 200 through its Web interface.

»www.descargas-microbr.com/operac···ml#preg9

The above link has a series of steps to fix it, but requires hooking up the computer to the router's console port.

Is there a quicker, easier way to address this problem?

The USG 200 is running the latest 3.00(AQU.2) firmware.

Thanks!
--


Kirby Smith

join:2001-01-26
Derry, NH
Reviews:
·Fairpoint Commun..

That happened on my USG 50, and since I've never hooked anything up to its serial port, the question is can I remember what I did (at someone here's suggestion, I'm sure.) What I vaguely remember is that you need to delete the USG certificate your browser is keeping, as well as any USG cookies it has. I think after that it will generate a new one. If I can remember where my notes on that might be, I'll refine these directions.

kirby



aes128

join:2003-12-19
Saint Clair Shores, MI

I had a similar thing happen to me. The cert expired on my USG and I was unable to logon to it. While I am experienced with such things this took me several hours to debug. I believe I had to connect via the console port and reset it. I think this was because I had generated my own cert on the device and forgot it would expire in a few years however when expired I did not expect it would no longer allow me to logon.


Kirby Smith

join:2001-01-26
Derry, NH
reply to posthaste

Notes I have are actually pages 871 et seq. from the pre 3.0 USG50 User Guide, ZyWALL USG 50_2.21_Ed4.pdf.

kirby


posthaste

join:2001-05-20
Champaign, IL

Thanks, Kirby, I downloaded that PDF and followed the directions beginning at page 871, but no joy. It's still throwing up an invalid certificate error when trying to log in to the USG 200's Web interface.


Kirby Smith

join:2001-01-26
Derry, NH
Reviews:
·Fairpoint Commun..
reply to posthaste

You could try PuTTY or such and log in through the command interface. But I don't know what you would have to change to make it generate a new certificate.

In extremis, you can let ZyXEL tech support log in, if the external firewall passthrough for HTTPS is still active.

kirby



Gork
Ou812ic

join:2001-10-06
Bountiful, UT
reply to posthaste

Perhaps I shouldn't be posting in a month old thread, but after pondering I figured it'd be ok. These are the notes I have with regard to fixing the problem - if I properly understand the problem of the OP, I mean. Bear in mind I'm using IE on Win7-64 to connect to the web interface of the USG. Also, my router is the USG 20W, though I doubt there'd be much difference if any at all.

CERTIFICATE ERROR (in the browser)

Configuration -> Object -> Certificate; create new cert. w/ path to GUI (192.168.1.1 by default)

Click on the new certificate and choose to edit, then "Export Certificate Only"

Configuration -> System -> WWW; select the new certificate from the drop down box

Windows + R; certmgr.msc; Import the new cert. into "Trusted Root Certification Authority"

Ref: »Zywall USG50