Best Of

Currently, when manually reserving IP addresses, the DHCP log records its hostname as (NULL). However, for devices obtaining a dynamic IP from the DHCP pool, the hostname is correctly fetched and displayed in the logs.

User @Maverick87 would like to request an enhancement to have consistent and informative DHCP logs for all clients.

This suggestion originated from the post found here:

[USG FLEX 100H] IP Reserved on local DHCP Server and NULL as HostName in the DHCP Log — Zyxel Community

If anyone likes this idea, please show your support by leaving a comment or voting for it.

Currently, the system prevents an entry from being saved if the "Host Name" field is identical to an entry. It shows a "The value in this field is duplicate" error, even when the MAC addresses for the entries are completely different and unique.

While the DHCP server assigns IP addresses based on the device's MAC address, following the standard DHCP process, and does not use the hostname to identify devices, user @Maverick87 would like to request an enhancement to give the validation logic for the "Host Name" field should be treated as a descriptive label for administrative convenience.

This suggestion originated from the post found here:

If anyone likes this idea, please show your support by leaving a comment or voting for it.

User @PeterUK requires BWM function can support FQDN object for USG FLEX H series model.

Anyone who likes this idea, please leave your comments below and vote up for this idea post.

original link

Currently on uOS, the FQDN object only supports the format *.domain.com, which matches subdomains (e.g., www.domain.com, mail.domain.com) but does not include the root domain (domain.com).

In ZLD systems, the format *domain.com was supported, allowing both the root domain and subdomains to be covered by a single entry.

User @PeterUK would like to request an enhancement to bring this behavior to uOS, so that a single wildcard can cover both the root domain and its subdomains.

This suggestion originated from the post found here: FQDN problem www.grc.com vs grc.com under wildcard — Zyxel Community

If anyone likes this idea, please show your support by leaving a comment or voting for it.

Hello,

after reading another security idea I focused on how locking-out users with too much failed attempts really work.

Differently from my idea it does not lock the user while it lock its public IP

MY IDEA IS: add the choice in configure —> user group —> setting between locking by username provided and or by IP

this IMHO would be an advancement because:

1. if you ban that it ip it might happen that you are banning even other users. scenario: 5 employees of the same company go to a conference, they need to connect to thei VPN, they all use the hotel's WiFi, the first users inserts the wrong password too many times, they are all stuck for 30 minuts (or the time set)
2. an attacker can spoof it's IP every 5 attemps and apparently change it (via a vpn or whatever) and performe a brute force attack bypassing the lockout security settings

if one wants to be hyper protected i would leave the choice to block by IP and eventually by both

User @kaktusus hopes USG FLEX/ATP user account can change its password by themselves.

Anyone who likes this idea, please leave your comment below and give this post a vote.

Original post

User @too_many_accounts need USG Lite 60AX to support DHCP Option 61 for his ISP in the UK (SKY).

Anyone who also needs this option, please leave your comment and give it a vote.

Original post