-
uOS 1.32: Quick DHCP IP Renewal Option Now Available for External Interfaces
As part of the usability improvements in Zyxel’s uOS 1.32 firmware, a helpful feature has been introduced for network administrators managing external (WAN) interfaces that use dynamic IP (DHCP) assignment. New: Manual DHCP Release/Renew Button Previously, if you needed to refresh the IP address on an external interface…
-
Device HA Enhancements in uOS 1.32
High availability (HA) is a cornerstone of reliable network infrastructure, and with uOS 1.32, Zyxel introduces a comprehensive set of Device HA enhancements to improve stability, simplify troubleshooting, and increase visibility into your failover systems. What’s New in Device HA? 1. HA Status LED Indicator The PWR/SY…
-
BWM Enhancements in uOS 1.32: Smarter Bandwidth Control
The release of uOS 1.32 brings powerful new improvements to Bandwidth Management (BWM), giving administrators greater flexibility and control over how bandwidth is distributed across users and devices. These enhancements make it easier to ensure fair usage, prevent congestion, and enforce traffic policies at both the user…
-
uOS 1.32 Bridge Enhancements: Now Supporting VPN Traffic Routing
Zyxel Networks continues to refine the flexibility and capability of its firewall platform with the latest firmware update, introducing powerful enhancements to bridge interfaces in uOS 1.32. These updates now allow bridge interfaces to participate in various VPN configurations—significantly improving deployment options…
-
AP Controller in uOS 1.32
The latest uOS 1.32 firmware brings the AP Controller function in Zyxel USG FLEX H Series firewalls, making wireless access point (AP) deployment, management, and monitoring simpler, more intelligent, and more scalable for businesses of all sizes. What Is the AP Controller? Zyxel's AP Controller (APC) allows uOS firewalls…
-
uOS 1.32: External Group Users for Policy Control and Authentication
Zyxel’s latest firmware update introduces enhanced External Group User support across its uOS-based firewalls. This feature allows organizations to integrate external authentication systems such as Active Directory (AD), LDAP, or RADIUS to manage and apply user-based policies more effectively across multiple security…
-
Captive Portal in uOS 1.32
Zyxel Networks continues to improve the user authentication experience with the Captive Portal feature in firmware uOS 1.32. These updates offer better control, improved flexibility, and stronger security for managing user access to the Internet. What is Captive Portal? The Captive Portal is a web-based authentication…
-
Simplify Peer-to-Peer Networking with Tailscale VPN
Zyxel has introduced Tailscale VPN support to its uOS-powered H Series firewalls, offering a peer-to-peer VPN solution as an alternative to traditional IPsec VPNs. This integration brings greater simplicity, reduced latency, and more flexibility to VPN deployments across devices and networks. What Is Tailscale VPN?…
-
LAG Interface Now Supported in uOS 1.32
Zyxel’s uOS 1.32 introduces Link Aggregation Group (LAG) interface support for H Series firewalls, enabling administrators to combine multiple physical interfaces into a single logical link. This provides improved bandwidth, redundancy, and failover capability—ideal for demanding network environments. What is a LAG…
-
Secure WiFi License for H Series Firewalls – Scale Your AP Management
As part of the ongoing enhancements in uOS 1.32, Zyxel introduces the Secure WiFi License for H Series firewalls — a licensing option designed to expand the number of access points (APs) that can be managed directly from the firewall. What Is the Secure WiFi License? The USG FLEX H Series firewall supports functioning as a…
-
New in uOS: Route Trace Tool
Zyxel’s latest uOS 1.32 firmware introduces a valuable diagnostic utility for administrators - the Route Trace tool. This enhancement provides deep visibility into how traffic flows through your firewall, helping quickly identify routing behavior and policy impacts. What Is Route Trace? Route Trace allows administrators to…
-
uOS Security Update: Removal of DHE Key Exchange
As part of its continued commitment to stronger cybersecurity, Zyxel's latest uOS version 1.32 introduces an important change: the removal of DHE (Diffie-Hellman Ephemeral) key exchange for services such as SSL VPN, HTTPS, SSH, and FTPS. Why Remove DHE? DHE key exchange requires large key sizes (e.g., 2048-bit or 4096-bit…
-
uOS v1.32 Adds Implicit Deny for Application Patrol
With uOS version 1.32, Zyxel introduces a much-anticipated update to the Application Patrol feature - the ability to enforce implicit deny rules. This enhancement offers network administrators a more secure and controlled application filtering environment by explicitly denying all unspecified traffic when a policy is…
-
uOS v1.32 - DoH and DoT Blocking
Zyxel's uOS v1.32 brings an essential security enhancement DNS over HTTPS (DoH) and DNS over TLS (DoT) blocking. This feature strengthens your ability to inspect and control DNS queries, ensuring that encrypted DNS traffic doesn't bypass your content filters and security policies. What Are DoH and DoT? DoH (DNS over HTTPS)…
-
H Series Firewalls: Application Usage Monitoring Now Available in Nebula
With the release of Nebula 19.00, H Series firewalls now support application usage visibility directly from the Nebula Control Center (NCC) dashboard. This enhancement gives network administrators real-time insights into what applications are consuming network bandwidth and which clients are generating the most traffic.…
-
H Series Firewalls: Site-to-Site VPN in Nebula vs. Local GUI
Zyxel’s Nebula Control Center (NCC) now offers comprehensive VPN management for H Series firewalls, including both SD-VPN (Software-Defined VPN) and manual link VPN options. This guide outlines key details and differences between cloud and local configuration, how to monitor VPN tunnels, and important tips for managing…
-
H Series Firewalls: Routing Configuration in Nebula vs. Local GUI
As cloud-based management becomes increasingly popular, Zyxel continues to align its local and Nebula experiences for the H Series firewalls. However, there are still a few differences when configuring routing policies. Policy Route: Trunk Configuration Difference What Is a Policy Route? Policy routing lets administrators…
-
H Series Firewalls: Understanding Ports & Interfaces in Nebula vs. Local GUI
With the H Series firewalls now fully integrated into Zyxel's Nebula Cloud Management, understanding the differences between cloud-based and local configurations when managing ports and interfaces. What’s the Same? Both local and cloud interfaces display: Port status Link speed Interface names Role designations (e.g., WAN,…
-
Nebula VPN Enhancements: Renaming & Interface Logic Updates
Zyxel Networks has implemented several updates to its VPN services for all cloud-managed security appliances (USG FLEX, ATP, Security Routers, and H Series). These enhancements affect not only the naming conventions but also the underlying VPN interface behavior, especially in environments with multiple WAN connections.…
-
Initial Setup Wizard for Subnet Allocation
In Nebula 18.30, USG FLEX H series support Nebula VPN, to simplify VPN configuration and prevent subnet conflicts, NCC automatically assigns subnets for the local network when setting up centralized firewalls. How Subnet Allocation Works: USG FLEX / ATP Firewalls → VPN subnet starts from 192.168.1.0/24 USG FLEX H Series…
-
How do I configure a MAC whitelist in APC for a wireless profile?
Question: How do I configure a MAC whitelist in APC for a wireless profile? Answer: This feature is not supported in the current design. It will be implemented in version V1.35.
-
What is the LED status description for the USG FLEX H?
Question: What is the LED status description for the USG FLEX H? Answer: This information can be found in the user guide. A brief LED status description is provided below:
-
What is the USB port on the firewall for?
Question: What is the USB port on the firewall for? Answer: The USB port can be used as external storage to store diagnostic information, packet trace files, and system logs. You can enable USB storage by navigating to Log & Report > Log Setting and enabling the USB storage option.
-
Why I enable DHCP server for internal VLAN but CLI shows disabled?
Scenario: This is because the DHCP of interface, is the interface IP address setting (DHCP client). Not the interface DHCP server setting. The CLI of DHCP server setting is under "vrf main dhcp server". Please use "show config vrf main dhcp server" to check the current CLIs.
-
What's the duplex mode of the ethernet connection on USG FLEX H?
Question: What's the duplex mode of the ethernet connection on USG FLEX H Answer: Network > Interface > Port Selecting Auto Negotiate allows one port to negotiate with a peer port automatically to obtain the connection speed (of up to 1000M) and duplex mode that both ends support. When auto-negotiation is turned on, a port…
-
Which ports are 10 Gbps Multi-Gigabit Ethernet Ports on USG FLEX 700H?
Question: Which ports are 10 Gbps Multi-Gigabit Ethernet Ports on USG FLEX 700H? Answer: P3, P4
-
Which H Firewall has PoE+ Port?
Question: Which H Firewall has PoE+ Port? Answer: USG FLEX 50HP USG FLEX 100HP USG FLEX 200HP USG FLEX 500H USG FLEX 700H
-
How to Synchronize Local Configuration for an USG FLEX H firewall in Nebula?
Question: How to Synchronize Local Configuration for an USG FLEX H firewall in Nebula? Answer: If the configuration displayed on your Nebula Control Center (NCC) for an USG FLEX H is not up-to-date, you can force a configuration synchronization by following the steps below. Log in to your Nebula Control Center (NCC).…
-
Can I update the firmware from uOS1.32to ZLD5.39 by Nebula for my H Firewall?
Question: Can I update the firmware from uOS1.32to ZLD5.39 by Nebula for my H Firewall? Answer: No. H Firewall platform is uOS and ZLD firmware is for USGFLEX/ATP.
-
My H series Secureporter is disconnected , how to check ?
Symptom: My Secureporter is disconnected , how to check ? Checking: 1)Please check the DNS can be resovled. 2)And check the process. uOS> cmd debug system ps | match "secu_reporter" 390 1 secu_reporter root ? 19 0 0.0 0.0 Ssl 386504 6736 51852 96626 13:19:43 02:18:55 00:00:00 /usr/sbin/secu_reporter Please contact Zyxel…
-
Is CPU temperature: 55 degress Celsius normal for a USG FLEX Firewall?
Question: Is CPU temperature: 55 degress Celsius normal for a USG FLEX Firewall? Answer: The maximum shutdown temperature is 85°C. More than 70°C we can consider it as a high CPU temperature.
-
Can I check traffic report with Base Pack license on H Firewall?
Question: Can I check traffic report with Base Pack license on H Firewall? Answer: Zyxel H series Firewall does not have a Base Pack license. When device registration, it will automatically comes with a 366-day Entry Defence Pack upon device registration, which makes avaiable for the user to check the traffic report by…
-
How Many Users Can Be Created on the Local Database of USG Flex H Series?
Question: How Many Users Can Be Created on the Local Database of USG Flex H Series? Answer: To determine the maximum number of users supported on the local database of the Zyxel USG Flex H series devices, You can refer to the Chapter "Appendix" from user guide for the specific device. The UserGuide provides detailed…
-
Is the USG Flex 700H supported DAC cable ?
Question: Is the USG Flex 700H supported DAC cable ? Answer: The DAC (Direct Attach Copper) cable is not officially supported for the USG Flex 700H. It has not been validated for reliable operation. This means there is a possibility of unexpected issues arising if you decide to use it.
-
Understanding Nebula status of uOS firewall on local GUI
The Nebula Status Dashboard in uOS firewall provides real-time visibility into a firewall’s connectivity with NCC. The path: Dashboard > Nebula Status Hovering over the status provides a tooltip with additional details. Clicking the status opens the Nebula Status Network Tool (for troubleshooting connectivity issues) Your…
-
How to check the Nebula status of uOS firewall on local GUI?
The Nebula Status tool helps administrators quickly diagnose connectivity issues between their firewall and NCC. The method: Navigate to: Maintenance > Diagnostics > Network Tool > Nebula Status Click Test button When testing Nebula status, the results will indicate whether your firewall can successfully communicate with…
-
The AP Control Capabilities of uOS 1.32 Firewall
The uOS 1.32 firewall can function as a controller to manage and configure connected access points, handling SSID creation, security settings, and firmware updates. Key features include: Support for all USG FLEX H Series models New Nebula-inspired AP controller interface for improved usability Deployment Selection feature…
-
Which AP models are managed by uOS 1.32 APC?
The uOS 1.32 APC can manage AP models as below: WiFi 7: WBE660S, WBE530, WBE510D, WBE630S WiFi 6E: WAX620D-6E, WAX640S-6E WiFi 6: WAX510D, WAX610D, WAX630S, WAX650S, WAX655E, WAX300H WiFi 5: WAC500H
-
SYS LED Status for Device HA
Question: What is SYS LED status on active device and passive device? Answer:
-
How to Pause Device HA?
Question: How to Pause Device HA? Answer: For troubleshooting purpose, you can stop Device HA temporarily without unpairing the active and passive devices to troubleshoot the active device. Follow the steps below. Turn off the passive device or unplug all Ethernet cables except heartbeat port from the passive device. On…