dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
26632

Gork
Ou812ic
join:2001-10-06
Bountiful, UT

Gork to Brano

Member

to Brano

Re: USG Firmware 3.30 is out!

Hey Brano See Profile... Did you "downgrade" or are you running v3.30 while you wait for an update?

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON

Brano

MVM

I'm on 3.30. Other than BWM (which I've disabled) I have no issues with the FW.

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium Member
join:2001-07-16
Dartmouth, NS

Anav

Premium Member

same same, don't use BWM, rest is working for me.

Gork
Ou812ic
join:2001-10-06
Bountiful, UT

Gork to Brano

Member

to Brano
said by Brano:

I'm on 3.30. Other than BWM (which I've disabled) I have no issues with the FW.

My results as well. I didn't even try BWM - haven't ever used it.
Kirby Smith
join:2001-01-26
Derry, NH

Kirby Smith to Brano

Member

to Brano
One anomaly I've noticed is that the dashboard shows no intrusions in the top 5 section. IDP is the only service I have licensed this year, and for v3.00 B4 there were reports. Further, I haven't seen any recent update notices in my email, the last of which appears to be on 8/28. IDP is shown as on. Was I supposed to do something ZyXEL didn't bother to mention in "Read me first" or in the upgrade instructions at the back of the change notes?

kirby
hardstyler
join:2013-02-17
34100

hardstyler to Brano

Member

to Brano
Kirby same here!!! latest email for idp was the first for new idp version then stop!!! I hope they upgraded email accounts also for new idp or....no oh no, i don't want to email them....they interrupted sending me that alerts in march: only after 45 days they solved it, in the meantime they, accordingly to me, sent test emails but became crazy is only the good experience in that period!!! received mails that are also for zywall 35, idp 10 and more, and today they have not solved the double o triple mails they send to me for ZAV AND KAV but in that months i told them but no solution, they sent all mails to me massively without think about what is ok or not...and they know what you are subscribed on but they simply ignore.

I use as for the past two years to active all idp signature, log alert and drop for all, today they updated to 3051 version then i'll che k in the category screen for someone not set as mine though then modifie.

never check in the app patrol, this update services contains tones of signatures and is longer to check all now.

if they stop sending mails i will not renew the service, same as cf and antivurs next year, then pass to another better brand.

and also remeber, many times they update signatures but some are with no action about countermisures and no log and yes: are not active rules!!! so why they do it? to enlarge and slow the performance of appliances?
Kirby Smith
join:2001-01-26
Derry, NH

Kirby Smith to Brano

Member

to Brano
Thanks, hardstyler.

I haven't seen an email notice lately, but the USG 50 reports on the IDP page that the latest version is 2013-09-17 11:19:16. Maybe it is silently upgrading the signatures. However, one might expect it to detect something now when previously it detected stuff every few minutes. Maybe they decided the old detections were false positives and the new signatures don't include those characteristics.

The IDP statistics claim 14137046 sessions checked (presumably since the 3.3 upgrade) with zero packets dropped or reset. And all bad guys have retired from the Internet.

On the other hand, according to the log the firewall is blocking and dropping a lot of UDP aimed at port 7561 of one of my WAN addresses.

kirby
hardstyler
join:2013-02-17
34100

2 edits

hardstyler

Member

arrived email some hours ago, finally! I was in suspense for these e-mails: don't want to re-do the same thing of 6 months ago....NEVER!

the signatures updated are only 3, but deleted and the new added are really a ton! and I think they are not all in that list, just now I ended to set as I want all signatures, not counted but I think they are more then the list anyway check your private message, I sent you something.

about your problem in the dashboard....can't help! but try to do a free port scan from some site, or use a trial versione of GFI LANGUARD and if you have not too much time simply do the test of the TOP 20 VULNERABILITIES and you'll see absolutelly logs and dashboard populated! Mine was, dashboard and so logs. try it! ah, these tests are not dangerous and the program is known and approved, is not a hacking program to exploit your network and let it open forever so if you run a company's network you'll not be dismissed! ;D if you want use metasploit for example then you must know what are you doing but don't ask to me, I'm noob!
Kirby Smith
join:2001-01-26
Derry, NH

Kirby Smith to Brano

Member

to Brano
I'll try to do that experiment this weekend.

k
daveyeager
join:2004-04-21
Columbus, OH

1 edit

daveyeager to Brano

Member

to Brano
3.30 (aqq.1) is on the ftp site »ftp://ftp.zyxel.com/ZYWALL_USG ··· 1)C0.zip

Features: 3.30(AQQ.1)C0
Modifications in 3.30(AQQ.1)C0
1. [BUG FIX] eITS# 130903164
Symptom:
Actions in IDP profile can’t be correctly saved after reboot.
Condition:
It occurs when the rule action default is none and then set to reject-both.
2. [BUG FIX]
Symptom:
It occurs to kernel crash when enabling BWM service.
Condition:
1. Create a service group contains at least 2 service objects which belong to TCP protocol.
2. Enable BWM service and add an BWM rule with the following setting:
a. Choose “Service Object” as service type.
b. Select the service group just been created from the Service Object drop-down list.
3. It will occur to kernel crash later when you have TCP traffic pass through device.

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON

Brano

MVM

Perfect! let's see if they fixed the BWM throughput as well.
FirebirdTN
join:2012-12-13
Brighton, TN

1 edit

FirebirdTN

Member

So whos gonna be the first guinnea pig? I'm at work, and got burned by the last upgrade [since I use BWM], so I think I will wait and play around with this one on my personal router at home over the weekend first.

-Alan
JPedroT
Premium Member
join:2005-02-18

JPedroT

Premium Member

said by FirebirdTN:

So whos gonna be the first guinnea pig? I'm at work, and got burned by the last upgrade [since I use BWM], so I think I will wait and play around with this one on my personal router at home over the weekend first.

-Alan

Upgraded our USG-300 works fine for me, but we do not use the BWM, since our link is 1Gb, thinking about getting a ZyWALL 110 to get more out of our link.
Kirby Smith
join:2001-01-26
Derry, NH

Kirby Smith to Brano

Member

to Brano
Path to USG -50 repository is »ftp://ftp.zyxel.com/ZyWALL_USG ··· irmware/

New version is ZyWALL USG 50_3.30(BDS.1)C0.zip 63661 KB 09/25/2013 10:50:00 AM

I'll get to it later.

kirby
lorennerol
Premium Member
join:2003-10-29
Seattle, WA

lorennerol

Premium Member

Not so many early adopters this time, it seems (he says, from the sidelines again)
FirebirdTN
join:2012-12-13
Brighton, TN

FirebirdTN

Member

said by lorennerol:

Not so many early adopters this time, it seems (he says, from the sidelines again)

Now sounds like a great time to "take the bull by the horns".

-Alan

kbonnel
@qwest.net

kbonnel to lorennerol

Anon

to lorennerol
Just did the update on my USG 50, everything seems the same. I have the BWM enabled and SIP option selected, but my speeds tests for both my cable and DSL connection still show the same maximum speed. Cable approx 40 - 45 down 15-16up (plan is the Comcast Blast, which I believe is 50/10), DSL 41-42 down and 15 - 16up (plan is the 40/20 from centurylink, but my modem trains in at 45/20)

I tested with BWM on and off. So for me and my connections I don't see any issues. (though if I read the threads correctly, the limit was around 50mbps?

lacibaci
join:2000-04-10
Export, PA

lacibaci to Brano

Member

to Brano
I also updated my USG50 with the new firmware - no problems so far. I am not using BWM.
kbonnel
join:2013-09-27
Denver, CO

kbonnel to Brano

Member

to Brano
One thing that is interesting, is that my startup configuration file went down in size, but everything appears to still be the same. So they must have done some cleanup somewhere. Went from a size of 25564 to 24833.

mozerd
Light Will Pierce The Darkness
MVM
join:2004-04-23
Nepean, ON

mozerd to Brano

MVM

to Brano
On my USG 100 --- Installed the FW update. BW still broken IMO/

With BW enabled I get 35 Mbps down
With BW disabled I get 50 Mbps down

My ISP provides me with 100 Mbps Down and 10 Mbps Up.
daveyeager
join:2004-04-21
Columbus, OH

daveyeager to FirebirdTN

Member

to FirebirdTN
BWM:
- no detectable reduction in upload speed with BWM enable with default rule, an definite improvement over last 3 releases (perhaps more)
- others will have to test further

No problems with any ipsec site-to-site vpn nor from android.

Secuextender works with windows 8.1 and java 7.40 (which needs desktop mode).

IPv6 6to4 tunnel works.

EPS:
- documented not to work with 64-bit OSes
- no support for windows 8.0, 8.1, 2012, 2012 r2 patch checking
- no support for av with last 2 years
* therefor likely no effective support against trojans and regular keyloggers [ excludes backdoors ] which can get passwords used with RDP.

SSL_VPN
- no change, same as 3.00 aqq.4, thus no perfect forward security for RDP, nor TLS 1.2, no removal of old chipers. [ see »SSL_VPN security ]
- no mention of whether we are affected by compromised RSA standards

Could not get console to work on firefox or chrome (like 3.00 aqq.4). Use Internet explorer.

"Top firewall rules that blocked traffic for ipv6" widget only seems to work with internet explorer.

This seems to move us ahead in actual terms, but falls behind the every increasing needs of the marketplace.
FirebirdTN
join:2012-12-13
Brighton, TN

FirebirdTN to Brano

Member

to Brano
Thanks for the feedback! Any noticeable degradation of download speed with BWM enabled like mozerd is seeing? (there is a thread that specifically fingers throughput issues on the USG 100; I have 50s and a 200)

I've never noticed a degradation of UL speed, but I purposely limit my UL via BWM to just under my measured throughput to prevent bufferbloat.

-Alan
kbonnel
join:2013-09-27
Denver, CO

kbonnel to daveyeager

Member

to daveyeager
Similar results. My firefox install (23.0.1) and chrome (version 29) on my Windows 8 seems to work OK when doing most of the aspects, including widgets. I also cannot utilize the console from firefox or chrome, the java applet will not fully/completely load)
lorennerol
Premium Member
join:2003-10-29
Seattle, WA

lorennerol

Premium Member

said by kbonnel:

the java applet will not fully/completely load

Java or JavaScript?? Please tell me I don't have to install the JVM to manage these routers now...
FirebirdTN
join:2012-12-13
Brighton, TN

4 edits

FirebirdTN to Brano

Member

to Brano
Console works for me in Firefox 23.0.1. However NOTE: I am using Java 6 because of an incompatibility with some gear at work and Java 7.

BWM still broken.

Speed tested, limited to 47. Old firmware solid 49.+ (I set my limit to 51200 to defeat powerboost). When I run a speedtest from OOKLA, it gives a graph that represents instantaneous peaks and valleies. On firmware 3.00 (BDS.4) with my BWM settings, its a perfect rectangle. No variation in speed at all. Not quite so with the current FW. Also with this new FM after the initial speed test I disabled BWM and tested again and got peaks in the 80s, which is normal. But here is the real kicker: I re-enabled BWM and ran a 3rd test and was limited to 13!

-EDIT- My BWM rules aren't working anymore. I disabled them, and created a new simple rule: from any to any service any in 8192 out 8192. That worked. Tried changing outgoing interface to "wan1", and the rule no longer worked.

Looks like they finished the BWM Kernal crash, but there is no real change that I can see over the previous pulled firmware.
-Alan
Kirby Smith
join:2001-01-26
Derry, NH

Kirby Smith to Brano

Member

to Brano
Update to 3.31 seems to be seamless. Getting 30/15 from from/to NJ/NH via speed test net. This is what each of my FAST connections is rated for. BWM off; IDP on.

kirby
whisper1
join:2007-11-28
Schomberg, ON

1 edit

whisper1 to Brano

Member

to Brano
Updated my USG20W to 3.30.1 Update was smooth and BWM is working perfectly.

W.

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON

Brano

MVM

No issues here either after the upgrade. BWM is off though. ...will test BWM later.

...and it's not 3.31, it's 3.30.1

Anav
Sarcastic Llama? Naw, Just Acerbic
Premium Member
join:2001-07-16
Dartmouth, NS

Anav

Premium Member

Just d/1 3.30.1 and I can report that the BWM enabled selection still hoses the throughput. :-((((
190Mbps BWM off, 46Mbps BWM enabled.
kbonnel
join:2013-09-27
Denver, CO

kbonnel to Brano

Member

to Brano
One thing I also noticed, is that my memory usage is higher than the previous 3.00 firmware. Before the update, I was using around 45 - 50%, now it is at 61%.