-
Captive Portal – Advanced Settings
In the latest firmware update for USG FLEX H Series, Captive Portal receives significant enhancements to its Advanced Settings. This article will walk you through the new advanced features, including improved redirect behavior, landing page options, HTTPS handling, and idle timeout configurations. 1. Customizable Landing…
-
VPN Parameter Expansion: Increased Limits for High-End Zyxel Firewalls
To meet the growing demands of large-scale network environments, Zyxel has expanded several key VPN-related parameters in its latest firmware release. This enhancement provides more flexibility for enterprise deployments, particularly for customers using high-end models like the USG FLEX 500H and USG FLEX 700H. What’s New…
-
USG FLEX H Series Firewall: IGMP Proxy Support
Multicast traffic, especially for IPTV or live video streaming, requires efficient handling across networks. To support this, USG FLEX H Series firewalls now include IGMP Proxy functionality - allowing multicast traffic to flow seamlessly between your internal clients and external multicast servers. What Is IGMP Proxy?…
-
Enhanced DoS Prevention for Port Scanning
USG FLEX H Series Firewall has enhanced the DoS (Denial of Service) Prevention feature in its latest firmware, specifically improving the way the firewall handles port scanning attacks. These adjustments help reduce CPU load. What Is DoS Port Scanning Protection? Port scanning is a technique often used by attackers to…
-
uOS -Default Trunk Algorithm
Overview In the latest firmware release, Zyxel firewalls introduce an important change to the default WAN trunk configuration. The default trunk algorithm has been updated to Least Load First, replacing the previous default of Weighted Round Robin. This change improves load distribution efficiency and ensures consistent…
-
Custom Source IP for Connectivity Checks
In our latest firmware update, USG FLEX H Series Firewalls has an important enhancement for connectivity and route monitoring - the ability to set a custom source IP address for connectivity checks. The Challenge Some ISPs assign: Private IP addresses for PPPoE interface negotiation Public IP addresses for actual traffic…
-
USG FLEX H Series Firewall: Bandwidth Management for TikTok Traffic
USG FLE X H Series latest firmware introduces a powerful enhancement to Bandwidth Management (BWM): direct control over TikTok traffic. This is especially useful for schools, businesses, and home users who want to optimize or limit TikTok usage on their networks. What’s New? A new application signature for TikTok is added…
-
New Security Enhancement: Anti-Malware Scanning for HTTP File Uploads
USG FLEX H Series latest firmware update brings an important upgrade to its Anti-Malware engine: real-time scanning of HTTP uploads, including HTTP POST requests. This enhancement ensures malware is intercepted not just during downloads, but also during file uploads services. What’s Implemented? Traditionally, Zyxel…
-
Device HA Config Apply Behavior
In the latest firmware update, Zyxel has introduced a enhancement to Device HA (High Availability) to address a situation when importing configurations with Device HA enabled to another device. Background Previously, when restoring a backup configuration from a customer site or another device that had Device HA enabled,…
-
Device HA: Enhanced Debug Logging Support
With the latest firmware, Device HA on Zyxel firewalls receives a significant enhancement around debug log collection - making troubleshooting HA pairs far more effective and easier to manage. What’s New 1. Persistent Debug Logs When you enable debug logging for DeviceHA, the firewall now writes logs to its flash storage,…
-
uOS - WAN Trunk Link Sticking
Overview The WAN Trunk Link Sticking feature is designed to maintain session consistency by ensuring that traffic from the same source IP to the same destination continues to use the same WAN interface. This function enhances connection stability for applications or services that are sensitive to IP address changes — such…
-
SIP ALG Debug Logging: New Feature for Troubleshooting
The latest firmware update brings a much-needed improvement to SIP troubleshooting on USG FLEX H Series firewalls. Network administrators can now enable SIP ALG debug logs, allowing for deeper analysis and quicker resolution of voice-related issues. What’s the Problem This Solves? Previously, when SIP (Session Initiation…
-
uOS Section – GUI and Feature Enhancements Overview
Overview This section introduces a collection of graphical user interface (GUI) and functionality enhancements made to the Zyxel USG FLEX H Series Firewalls in the latest firmware release. The improvements aim to simplify configuration, improve clarity, and prevent common misconfigurations across trunk interfaces, routing,…
-
SecuReporter: Weekly Report Smart Summary
To make weekly security monitoring more efficient and time-saving, Zyxel has introduced a powerful enhancement to SecuReporter: the AI-generated Smart Summary for weekly reports. What is Smart Summary? Smart Summary is an AI-generated overview embedded directly in the email notification of the weekly report. Instead of…
-
SecuReporter: Custom Weekly Report Day
Zyxel has enhanced SecuReporter with greater flexibility for scheduling weekly reports. In response to customer requests, users can now choose which day of the week they want their report to be generated. Why This Matters Previously, SecuReporter automatically generated weekly reports every Sunday at midnight—with no way…
-
What is the maximum number of VLAN interface supported on each operation mode of USG FLEX H?
Question: What is the maximum number of VLAN interface supported on each operation mode of USG FLEX H? Answer: Nebula mode On-premises mode USG FLEX 50H 8 8 USG FLEX 50HP 8 8 USG FLEX 100H 16 16 USG FLEX 100HP 16 16 USG FLEX 200H 32 32 USG FLEX 200HP 32 32 USG FLEX 500H 64 64 USG FLEX 700H 128 128
-
Why can't I initiate 'Request to Download' from the SecuReporter to download the History Data?
Question : Why can't I initiate 'Request to Download' from the SecuReporter to download the History Data? Answer : The reason the user cannot initiate 'Request to Download' from the SecuReporter to download the History Data is that only the organization owner has permission to do so. As shown below, only the org owner,…
-
How to troubleshoot high CPU usage on USG FLEX H?
Question: How to troubleshoot high CPU usage on USG FLEX H? Answer: If the CPU usage rises again, use the following debug commands, one at a time. Share the output with support for further assistance. show clock date show clock time show cpu ps | no-pager show cpu status | no-pager show mem ps | no-pager show mem status…
-
Why is USG FLEX H Series Traffic Usage Not Displayed in SecuReporter?
Question: The "Traffic Usage" ranking section in SecuReporter is not displaying any data for the USG FLEX H Series devices. Even though traffic logs are properly generated and visible under SecuReporter > Search Log > Traffic Log, the dashboard shows no data. Why is USG FLEX H series traffic usage not displayed in…
-
How to set an automatic logout timing on USG FLEX H?
Question: How can I configure automatic logout for users? Answer: You can configure an automatic logout time via the web GUI. Log in to the web interface of the USG FLEX H. Navigate to User & Authentication > User/Group > Setting. Adjust the "Reauthentication Time" for each user type account as needed. This will enforce a…
