-
USG FLEX H Series - Can I connect non-PD to PoE port?
It is recommended not to connect a non-PD to the PoE port. If you need to connect, please confirm the PoE function is disabled before connecting. Path: Menu > Network > Interface > Port
-
How to use commands to disable "Authenticate Client Certificates" on USG FLEX H?
Question: I enabled the option "Authenticate Client Certificates" on USG FLEX H by mistake and I’m not able to access WEB GUI. How to use commands to disable it? Answer: usgflex200h> edit running usgflex200h running config# vrf main http-server secure-server auth-client false usgflex200h running config# commit usgflex200h…
-
USG FLEX H Series - Bootup Status
USG FLEX H Series - Bootup Status Introduction Understanding the bootup status and configuration application process of the USG FLEX H Series firewalls is crucial for effective troubleshooting and maintenance. This guide provides a detailed overview of the bootup sequence, symbols used during the process, and how to…
-
USG FLEX H Series - Self Protection
USG FLEX H Series - Self Protection Overview The Self Protection feature enhances the security of the USG FLEX H Series by addressing vulnerabilities associated with the IKE port (UDP 500). This port is commonly exploited by malicious users to perform denial of service (DoS) or other types of attacks. With version 1.20,…
-
403 Forbidden when attempting to access WebGUI
Issue: Users may encounter a "Forbidden" error when attempting to access WebGUI Resolution: To resolve this issue, follow these steps: Access your firewall settings. Disable the authentication client for HTTPS on the firewall. H> edit running H running config# vrf main http-server secure-server auth-client false H running…
-
USG FLEX H Series - AD Server Authentication
USG FLEX H Series - AD Authentication Overview The USG FLEX H Series now supports AD (Active Directory) authentication for both IPsec VPN and SSL VPN users. This enhancement allows centralized user management and enhanced security by leveraging your existing AD infrastructure. AD Authentication for VPN Supported…
-
USG FLEX H Series - Two-Factor Authentication for VPN
USG FLEX H Series - Enhancement on Authentication for VPN Overview The USG FLEX H Series firewalls now support several authentication types for VPN access: Local User with Two-factor authentication (2FA) External User on AD/LDAP Server Local Users - Two-Factor Authentication for VPN Clients How It Works When a remote user…
-
USG FLEX H Series - Custom Interface MAC Address
USG FLEX H Series - Custom Interface MAC Address Overview Certain Internet Service Providers (ISPs) require that devices connected to their network use a specific MAC address for authentication or other network policies. In such cases, it becomes necessary to manually override the default MAC address of your USG FLEX H…
-
USG FLEX H Series - Bandwidth Management
USG FLEX H Series - Bandwidth Management Bandwidth management is a crucial aspect of network administration, allowing you to allocate and limit bandwidth usage to ensure optimal network performance and prevent congestion. In firmware version 1.20 for the USG FLEX H Series, several enhancements have been made to bandwidth…
-
USG FLEX H Series - GUI Enhancements
USG FLEX H Series - GUI Enhancements The latest firmware version 1.20 for the USG FLEX H Series introduces several user interface (UI) enhancements aimed at improving usability, functionality, and overall user experience. This article will guide you through these enhancements, explaining their benefits and how to use them…
-
What is the maximum number of DHCP Relay Server supported on USG FLEX H?
Question: What is the maximum number of DHCP Relay Server supported on USG FLEX H? Answer: The maximum number of DHCP Relay Server is supported on USG FELX H is 4.
-
How to create address object/group by CLI
Question: How to create object/group by CLI ? Using CLI is very helpful if you have many spam addresses. Answer: usgflex200h> edit running ; enter config mode usgflex200h running config# object address-object address spam1 type host 1.1.1.1 usgflex200h running config# object address-object address spam2 type host 1.1.1.2…
-
Does USG FLEX H support device HA?
Question: Does USG FLEX H support device HA? Answer: No. At the time of writing, USG FLEX H does not support device HA in version 1.10 and the next version 1.20. Update: Version 1.31 supports device HA.
-
What external authentication server is supported on USG FLEX H?
Question: What external authentication server is supported on USG FLEX H? Answer: In the current phase (V1.10), RADIUS is supported. Active Directory and LDAP will be supported in the next phase.
-
Security Service Packet Flow
This article will introduce the inspection process of the security service At the "IP Reputation" pahse, the security policy will begin checking if Transport Layer is allowed and continue to inspect Application Layer after decrypting the SSL/TLS connection.
-
What is Fastpath acceleration
Fastpath helps process traffic faster -Reserve system resource to process network traffic -CPU3 and CPU4 dedicate client traffic. You can check the fastpath average by "show cpu status"