-
Managing Security Services for USG FLEX H Series on NCC
With Nebula 18.30, users can now configure various security services for USG FLEX H Series firewalls directly on NCC. Security Services Now Configurable on NCC Path: Site-wide > Configure > Firewall > Security Services Users can now manage the following security services: Content Filter Application Patrol IP Exception DNS…
-
Managing USG FLEX H Series Objects on NCC
With Nebula 18.30, users can now create, edit, and manage objects for USG FLEX H Series firewalls directly on Nebula Control Center (NCC). What is an “Object”? In networking, an object refers to predefined network elements that can be referenced by multiple services for consistent and efficient configuration. New in Nebula…
-
Managing USG FLEX H Series Ports and Interfaces on NCC
With the Nebula 18.30 update, users can now configure ports and interfaces for USG FLEX H Series firewalls directly on Nebula Control Center (NCC). New Enhancements in Nebula 18.30: Users can create, edit, and manage interfaces from NCC. Supported Interface Roles: External – Typically used for WAN connections. Internal –…
-
Nebula VPN for H Series Firewalls
Summary: Enables NCC to automatically configure IPSec VPN Profiles between cloud-managed firewalls. Supports VPN provisioning between H Series and other Zyxel Security Appliances. Allows only one failover interface for VPN tunnels. VPN Load Balancing is not supported. H Series vs. Non-H Series Nebula VPN: H Series…
-
Cloud Configuration Management & Sync for H Series Firewalls in Nebula 18.30
With Nebula 18.30, Zyxel introduces cloud configuration management and synchronization for H Series firewalls. To ensure consistency between cloud and local settings, Nebula 18.30 implements a structured configuration sync mechanism that prevents conflicts and allows seamless management. 1. Understanding Configuration…
-
SecuReporter: SecuPilot
SecuPilot is an AI-powered tool that enhances SecuReporter by providing customized security reports and intuitive data visualizations based on user queries. Key Features: AI-driven analysis tailored to user needs Graphical charts & tables for quick insights Supports 40+ languages for queries, but responses are provided in…
-
uOS 1.35 – Single Passive Interface Rule Allowed in Trunk
In addition to failover improvements and duplicate interface checks, uOS 1.35 introduces a correction to how passive WAN interfaces are handled in trunk profiles. Previous Behavior (Before 1.35) The GUI allowed administrators to configure multiple passive interfaces in a single trunk profile. However, in reality, the…
-
uOS 1.35 – Trunk Enhancements
The uOS 1.35 release introduces two important improvements to WAN trunk behavior that address long-standing usability issues: Disconnect Connections Before Falling Back No Duplicate Interfaces in a Trunk Disconnect Connections Before Falling Back Previous Behavior When the active WAN interface (e.g., WAN1) failed, sessions…
-
uOS 1.35 – SMTP with Microsoft OAuth 2.0
With uOS 1.35, Zyxel firewalls now support SMTP authentication using Microsoft OAuth 2.0. This update is critical because Microsoft has deprecated traditional username + password authentication for mail services in favor of token-based OAuth authentication with multi-factor support. Why This Matters Traditional SMTP login…
-
uOS 1.35 – GUI Enhancements
Background – Previous Workflow One of the biggest complaints from administrators was the confusing workflow when editing certain configuration pages. For example: On VPN Phase 2 profiles, after defining Local and Remote policies, users had to: Click the check/save button for the row. Then click Apply for the entire…
-
Nebula 19.10 Update: H-Series Support Account and Password Synchronization
As part of the Nebula 19.10 release, Zyxel introduces a new approach to administrator account handling for the H-Series firewalls. This update ensures secure and consistent account management across both cloud (NCC) and local device configurations—particularly important since H-Series operates in hybrid mode (managed by…
-
Nebula 19.10 Update: H-Series "Configure First" and Onboarding Enhancements
With Nebula 19.10, Zyxel introduces significant improvements for the H-Series firewalls, giving organizations more flexibility when replacing firewalls, pre-configuring devices, and managing onboarding between cloud (NCC) and local configurations. These updates are crucial for partners and administrators planning H-Series…
-
Why the USG FLEX H failed to download firmware when first install?
If you encounter this issue when in the first install, this could be: Network issue causes the ffile to not becompleted. Uplink device's configuration, like SSL inspection, causes the firmware file not to be downloaded. You may contact @Zyxel_CSO for assistance.
-
How to find the default Nebula login password for USG FLEX H devices?
Question: How to find the default Nebula login password for USG FLEX H devices? I try 1234, site setting password and serial number but it doesn't work. Answer: If the device is registered to Nebula using a QR code and the default password options (e.g., "1234", site password, or serial number) do not work, check the…
-
Why some of Let's Encrypt CRL URL being categorized as malware?
This is a false alerts. USG FLEX/ATP USG FLEX H Zyxel is working on adjusting the category. If you encounter this issue, please add the URL "r10.c.lencr.org" to allow list. USG FLEX/ATP USG FLEX H
-
Why can't I configure a certificate for 2FA Web Portal?
Question: I am trying to configure 2FA web portal certificate, but it seems that there is no option for it to be configured. How to change 2FA certificate from default one? Answer: Currently, the 2FA Authentication page does not support changing the certificate. In the short term, we suggest you use the 2FA page as HTTP to…
-
[USG FLEX H]How to block specific MAC address to access my access point?
Question: How to block specific MAC address to access my access point? Answer: 1)Wireless > WLAN Clients. 2)And Add Policy Clients, Select "Block" or only "To Specific SSID" The MAC Address can't connect Access Point now.
-
How do I configure a MAC whitelist in APC for a wireless profile?
Question: How do I configure a MAC whitelist in APC for a wireless profile? Answer: This feature is not supported in the current design. It will be implemented in version V1.35.
-
What is the LED status description for the USG FLEX H?
Question: What is the LED status description for the USG FLEX H? Answer: This information can be found in the user guide. A brief LED status description is provided below:
-
What is the USB port on the firewall for?
Question: What is the USB port on the firewall for? Answer: The USB port can be used as external storage to store diagnostic information, packet trace files, and system logs. You can enable USB storage by navigating to Log & Report > Log Setting and enabling the USB storage option.
-
Why I enable DHCP server for internal VLAN but CLI shows disabled?
Scenario: This is because the DHCP of interface, is the interface IP address setting (DHCP client). Not the interface DHCP server setting. The CLI of DHCP server setting is under "vrf main dhcp server". Please use "show config vrf main dhcp server" to check the current CLIs.
-
What's the duplex mode of the ethernet connection on USG FLEX H?
Question: What's the duplex mode of the ethernet connection on USG FLEX H Answer: Network > Interface > Port Selecting Auto Negotiate allows one port to negotiate with a peer port automatically to obtain the connection speed (of up to 1000M) and duplex mode that both ends support. When auto-negotiation is turned on, a port…
-
Which ports are 10 Gbps Multi-Gigabit Ethernet Ports on USG FLEX 700H?
Question: Which ports are 10 Gbps Multi-Gigabit Ethernet Ports on USG FLEX 700H? Answer: P3, P4
-
Which H Firewall has PoE+ Port?
Question: Which H Firewall has PoE+ Port? Answer: USG FLEX 50HP USG FLEX 100HP USG FLEX 200HP USG FLEX 500H USG FLEX 700H
-
How to Synchronize Local Configuration for an USG FLEX H firewall in Nebula?
Question: How to Synchronize Local Configuration for an USG FLEX H firewall in Nebula? Answer: If the configuration displayed on your Nebula Control Center (NCC) for an USG FLEX H is not up-to-date, you can force a configuration synchronization by following the steps below. Log in to your Nebula Control Center (NCC).…
-
Can I update the firmware from uOS1.32to ZLD5.39 by Nebula for my H Firewall?
Question: Can I update the firmware from uOS1.32to ZLD5.39 by Nebula for my H Firewall? Answer: No. H Firewall platform is uOS and ZLD firmware is for USGFLEX/ATP.
