-
Secure WiFi License for H Series Firewalls – Scale Your AP Management
As part of the ongoing enhancements in uOS 1.32, Zyxel introduces the Secure WiFi License for H Series firewalls — a licensing option designed to expand the number of access points (APs) that can be managed directly from the firewall. What Is the Secure WiFi License? The USG FLEX H Series firewall supports functioning as a…
-
New in uOS: Route Trace Tool
Zyxel’s latest uOS 1.32 firmware introduces a valuable diagnostic utility for administrators - the Route Trace tool. This enhancement provides deep visibility into how traffic flows through your firewall, helping quickly identify routing behavior and policy impacts. What Is Route Trace? Route Trace allows administrators to…
-
uOS Security Update: Removal of DHE Key Exchange
As part of its continued commitment to stronger cybersecurity, Zyxel's latest uOS version 1.32 introduces an important change: the removal of DHE (Diffie-Hellman Ephemeral) key exchange for services such as SSL VPN, HTTPS, SSH, and FTPS. Why Remove DHE? DHE key exchange requires large key sizes (e.g., 2048-bit or 4096-bit…
-
uOS v1.32 Adds Implicit Deny for Application Patrol
With uOS version 1.32, Zyxel introduces a much-anticipated update to the Application Patrol feature - the ability to enforce implicit deny rules. This enhancement offers network administrators a more secure and controlled application filtering environment by explicitly denying all unspecified traffic when a policy is…
-
uOS v1.32 - DoH and DoT Blocking
Zyxel's uOS v1.32 brings an essential security enhancement DNS over HTTPS (DoH) and DNS over TLS (DoT) blocking. This feature strengthens your ability to inspect and control DNS queries, ensuring that encrypted DNS traffic doesn't bypass your content filters and security policies. What Are DoH and DoT? DoH (DNS over HTTPS)…
-
H Series Firewalls: Application Usage Monitoring Now Available in Nebula
With the release of Nebula 19.00, H Series firewalls now support application usage visibility directly from the Nebula Control Center (NCC) dashboard. This enhancement gives network administrators real-time insights into what applications are consuming network bandwidth and which clients are generating the most traffic.…
-
H Series Firewalls: Site-to-Site VPN in Nebula vs. Local GUI
Zyxel’s Nebula Control Center (NCC) now offers comprehensive VPN management for H Series firewalls, including both SD-VPN (Software-Defined VPN) and manual link VPN options. This guide outlines key details and differences between cloud and local configuration, how to monitor VPN tunnels, and important tips for managing…
-
H Series Firewalls: Routing Configuration in Nebula vs. Local GUI
As cloud-based management becomes increasingly popular, Zyxel continues to align its local and Nebula experiences for the H Series firewalls. However, there are still a few differences when configuring routing policies. Policy Route: Trunk Configuration Difference What Is a Policy Route? Policy routing lets administrators…
-
H Series Firewalls: Understanding Ports & Interfaces in Nebula vs. Local GUI
With the H Series firewalls now fully integrated into Zyxel's Nebula Cloud Management, understanding the differences between cloud-based and local configurations when managing ports and interfaces. What’s the Same? Both local and cloud interfaces display: Port status Link speed Interface names Role designations (e.g., WAN,…
-
Nebula VPN Enhancements: Renaming & Interface Logic Updates
Zyxel Networks has implemented several updates to its VPN services for all cloud-managed security appliances (USG FLEX, ATP, Security Routers, and H Series). These enhancements affect not only the naming conventions but also the underlying VPN interface behavior, especially in environments with multiple WAN connections.…
-
Understanding Nebula status of uOS firewall on local GUI
The Nebula Status Dashboard in uOS firewall provides real-time visibility into a firewall’s connectivity with NCC. The path: Dashboard > Nebula Status Hovering over the status provides a tooltip with additional details. Clicking the status opens the Nebula Status Network Tool (for troubleshooting connectivity issues) Your…
-
How to check the Nebula status of uOS firewall on local GUI?
The Nebula Status tool helps administrators quickly diagnose connectivity issues between their firewall and NCC. The method: Navigate to: Maintenance > Diagnostics > Network Tool > Nebula Status Click Test button When testing Nebula status, the results will indicate whether your firewall can successfully communicate with…
-
The AP Control Capabilities of uOS 1.32 Firewall
The uOS 1.32 firewall can function as a controller to manage and configure connected access points, handling SSID creation, security settings, and firmware updates. Key features include: Support for all USG FLEX H Series models New Nebula-inspired AP controller interface for improved usability Deployment Selection feature…
-
Which AP models are managed by uOS 1.32 APC?
The uOS 1.32 APC can manage AP models as below: WiFi 7: WBE660S, WBE530, WBE510D, WBE630S WiFi 6E: WAX620D-6E, WAX640S-6E WiFi 6: WAX510D, WAX610D, WAX630S, WAX650S, WAX655E, WAX300H WiFi 5: WAC500H
-
SYS LED Status for Device HA
Question: What is SYS LED status on active device and passive device? Answer:
-
How to Pause Device HA?
Question: How to Pause Device HA? Answer: For troubleshooting purpose, you can stop Device HA temporarily without unpairing the active and passive devices to troubleshoot the active device. Follow the steps below. Turn off the passive device or unplug all Ethernet cables except heartbeat port from the passive device. On…
-
Where to add the Static DHCP Table on USG FLEX H?
Static DHCP Table: Configure a list of static IP addresses the firewall assigns to computers/ clients connected to the interface. On Nebula: Creating static DHCP clients directly from the interface page. The path: Site-wide > Configure > Firewall > Port & Interface On Local GUI: Creating static DHCP clients from the DHCP…
-
How to Configure External Group Users on H series ?
If you are facing issues with configuring external group users (ext-group-user) via LDAP on the latest firmware version 1.32, here's a guide to resolve the problem: The root cause is your LDAP/AD server does not support attribute which we query. This may be common in non-Windows AD server Workaround: 1)Log in Firewall by…
-
How to Configure Custom DDNS on USG FLEX H firewall?
Question: How can I set up the DDNS service using Custom DDNS on USG FLEX H firewall? Answer: In this example, we use ipv64.net as DDNS service. To configure the DDNS service from ipv64.net using the Custom DDNS, please follow these steps: Log in to your ipv64.net account and navigate to the domain you have created. Find…
-
How to register two USG FLEX H firewalls in Nebula for Device HA configuration?
Question: How can we register two USG FLEX H firewalls in Nebula for Device HA configuration? Answer: To register two USG FLEX H firewalls in Nebula for Device HA, you need to register each firewall to a different site within the same organization. Create two sites within the same organization in Nebula. Assign the primary…
