Best Of
Re: Wireguard?
Hi @Zyxel_Melen,
I also open an another thread for this, but the question I think is about the Tailscale limitation. Tailscale is only a third party service that offer Wireguard connectivity, all the information passes throught the Tailscale servers (also if the SSL-Keys are not stored into Tailscale); if you use Wireguard is more secure also because is direct internally to the Linux Kernel Module.
Re: Zywall USG FLEX Series & ATP Series - V5.42Patch 1 Firmware Release
All dates and timings are Central European Time
Since Tuesday 10 7:00 a USG20W-VPN is working fine.
Since Wednesday 10 07:30 a USG20-VPN is working fine.
I updated roughly 1h ago a USG Flex 100, next one will be updated Saturday morning.
And the 5.42 P0 botch has confirmed that automatic update is not the best idea for my scenarios, because current scheduling options are only weekly (and not after a configurable delay from the new version availability).
mMontana
Re: SSL-Inspection causes "Content Encoding Error"
Hi @Mitz ,
Please assist us with the following two actions:
- Navigate to Security Services > SSL Inspection > Profile and set the Minimum Supported SSL/TLS Version to tls 1.0.
- Navigate to Security Service > SSL Inspection > Certificate Update and confirm that the Certificate Update reflects the version shown in the attached screenshot.
After completing both steps, if page load issues persist, please share your current configuration with us so we can investigate further.
SSL-Inspection causes "Content Encoding Error"
Hello everyone,
We recently purchased a Zyxel USG Flex 100H, and most of the features are working well so far. However, we’ve run into an issue with SSL-Inspection.
When SSL-Inspection is enabled, some websites (like YouTube) load normally, while others (like ChatGPT and Zyxel Support Forum) return a "Content Encoding Error" in Firefox. In a few cases, the page loads but the styling is completely broken. For example, ChatGPT loads like this:
Firefox then shows the "Content Encoding Error" when trying to ask a question. Also tried using other Browsers, but no luck there aswell.
I’ve searched online for possible solutions but haven’t found anything helpful so far. I also tried adjusting various SSL-Inspection settings, but none of the changes resolved the issue. For reference, I’ve included screenshots of the current configuration.
SSL-Inspection gets applied to a policy, which only handles the HTTP and HTTPS traffic of end users.
Has anyone experienced something similar or knows what might be causing this? Any help would be greatly appreciated.
Mitz
Re: NR5307 5G Router latest firmware.
Hey team, just following up on this.
Did anyone manage to get the file??
Multiple Source IPs in NAT rules
Hi,
I currently have a Web API that requires HTTPS traffic forwarding to our internal Web server through the USG Flex H series.
We've got a group of IPs that all require this same NAT rule applying to them, but I couldn't figure out a way to do this and as a result I have had to configure 6 individual NAT rules that virtually do the same thing, just with a different source IP.
Is there not a way to reference an IP Address Group object as a Source for a NAT rule?
Any help appreciated.
Lucas
Re: Zyxel XGS1935 and routing
Hi @Stevimir,
The XGS1935 is a light Layer 3 switch that supports routing functions. The switch will automatically create default route rules when you assign an IP address to each VLAN. You can also configure static route rules on it.
But please note that it is just a switch, it doesn't support any routing protocol or NAT function. If your network is not a closed network, you will still need a router or firewall to route your traffics.
Re: ZYXEL FWA505 and external antenna design
Hi @wkmaurom,
Welcome to the Zyxel Community!
Regarding external antenna support on the FWA505:
Yes, the Zyxel FWA505 supports both 4G (LTE) and 5G (NR) reception through its external antenna ports.
The two TS9 connectors are designed to cover a wide frequency range from 698 MHz to 4200 MHz, ensuring they can handle both 4G and 5G (Sub-6GHz) signals from your external antennas.
Please note that the device will operate in 2x2 MIMO mode via the two external ports. While this can offer a stable connection, it still may differ from the peak speeds achievable with the internal 4x4 MIMO configuration.
Re: Cloud-Saving Mode enabled when last logged in just 4 days ago
Hi @Lewpy
Thanks for the update. We have found there still have another issue that causing you enter cloud saving mode again. This issue is fixed. You should be not entered cloud saving mode again in the current login frequency.