-
What IP and port should be allowed for firewall upgrade and license/signature update?
Question: What the IP address and server port should be allowed for firewall upgrade and license/signature updates? Answer: Please allow *.zyxel.com and the servier port is port443.
-
How to connect the console cable to the USG Flex50/USG20-VPN/USG20W-VPN models?
Question : The customer may wonder how to connect the console cable with the small model USG Flex50/USG20-VPN/USG20W-VPN, this article will guide you on how to execute it. Answer : Please prepare two console cables: one is DB9 to RJ45, which connects to the USG20-VPN, and the other is RS232 to USB, which connects to the…
-
How to check the firewall operate in on-premise mode or Nebula mode via the CLI?
Question : The USG Flex/ATP models can operate in on-premise mode or Nebula mode. There is a simple way to check the mode status via the CLI command. Answer : The CLI command is "debug show sdwan_ztp status". If the firewall operates in on-premise mode, the CLI result will show as below: Router> debug show sdwan_ztp status…
-
How to check the session and traffic count information for Geo IP ?
Question : Users may utilize various Geo IP-related features such as firewall rules and device access restrictions on the firewall. Users may want to monitor the session and traffic count related to Geo IP. This article will guide you on how to monitor it. Answer : Please navigate the Web-GUI path: Monitor > Session…
-
How to use OID to get the system uptime through SNMP on ATP and USG Flex models?
Before reading this article, please refer to the below two articles: How to set up SNMPv2 on ATP and USG Flex models? How can the system uptime be queried through SNMP on ATP and USG Flex models? Scenario : If the user knows the corresponding OID (object identifiers) for the firewall's configuration parameters or values…
-
How can the system uptime be queried through SNMP on ATP and USG Flex models?
Scenario : Users may want to utilize the SNMP feature to query the system uptime and monitor the firewall's operational status. This article will guide you on how to do so Answer : Before beginning, please refer to this article: How to set up SNMPv2 on ATP and USG Flex models? to see how to set up the SNMP feature in your…
-
How to choose boot partiation by CLI
Scenario: You have trouble on running firmware but can't access WebGUI. Please use CLI to boot another firmware by console or SSH (if it's available) Solution: Router(config)# set firmware boot number <1..2> Reboots the Zyxel Device immediately with firmware in partition 1 or 2. If 2 is the Standby partition, then it…
-
How to resolve the issue of high CPU usage when clients are connected to the LAN port only?
Scenario : Users may encounter an issue where, when clients are connected only to the LAN port and configure the firewall through the Web-GUI, the firewall fails to connect to the WAN port, resulting in high CPU usage from time to time, as shown below: What is the cause of this issue and how can it be resolved? Answer :…
-
How can I see active sessions on my usg?
Scenario: You would like to see the active session on USG Firewall. Solution: Monitor > Traffic Statistics > Session Monitor And you can also see by different type.
-
How to check the active session number on the firewall?
Scenario : Users typically rely on the active session number to determine if the firewall is handling a large number of sessions. Therefore, knowing how to check this on the firewall is crucial for users. This article will guide you on how to do so. Answer : The user can monitor the active session number on the Web-GUI's…
-
How can packets be captured from a specific IP address?
Scenario : Users may want to capture packets from a specific IP address for troubleshooting purposes. This provides the benefit of filtering the collected packets and preventing them from becoming too large. This FAQ will guide you on how to execute this process. Answer : For example, if the user wants to capture packets…
-
How to check the Web-GUI access port number by the CLI in USG Flex/ ATP series model?
Question: Sometimes, users change the Web-GUI access port number for improved security. However, they might forget the port number accidentally. In such cases, how can users use CLI to check the Web-GUI access port number? Answer : Users can use the CLI command "show ip http server secure status" to check the Web-GUI…
-
Why can't we enable schedule reboot and auto firmware update at the same time?
Question: Why can't we enable schedule reboot and auto firmware update at the same time? Answer: Schedule Reboot and Auto Firmware Update functions are mutually exclusive. If Auto Firmware Update enabled, then you cannot set Schedule Reboot and vice versa.
-
How to update the firmware by FTP?
Scenario : Users typically use the Web-GUI to update the firewall firmware, but it's also possible to use FTP for firmware updates. This FAQ will guide you on how to execute this. Answer : Please prepare a PC to connect to the firewall's LAN port and obtain a DHCP IP (for example, the assigned DHCP IP is 192.168.1.33 with…
-
How to disable recursive DNS service on the firewall by CLI?
Scenario : Some Internet Service Providers may offer recursive DNS service. Once the firewall/router is assigned a public IP, external Internet users can execute a DNS query via the public IP (e.g., using 'nslookup www.google.com [public IP address]'). However, this behavior may impose additional load on the…
-
How to disable recursive DNS service on the firewall GUI?
Scenario : Some Internet Service Providers may offer recursive DNS service. Once the firewall/router is assigned a public IP, external Internet users can execute a DNS query via the public IP (e.g., using 'nslookup www.google.com [public IP address]'). However, this behavior may impose additional load on the…
-
How to set up SNMPv2 on ATP and USG Flex models?
Scenario : This article will guide you on how to set up SNMPv2 on ATP and USG Flex models. Answer : Please navigate to System > SNMP Enable SNMP option. Define the Service Port. Enable SNMPv2c option. Define 'Get Community' and 'Set Community' values, Define Session Control. Open the iReasoning MIB Browser and click the…
-
How to type "?" in Terminal
Typing "?" usually display helping information. However, you have the request that type "?" in Terminal Please type [Ctrl + V ] on your keyboard before type a "?"
-
Why I cannot remove configuration files?
Question: Why I cannot remove configuration files? Answer: You can only delete the configuration file that is manually saved. Automatically generated configurations cannot be deleted such as systemdefault.conf, startup-config.conf, and lastgood.conf files.
-
Configuration file apply flow when booting the firwall
Configuration file apply flow when booting the firwall Check if startup-config.conf has any errors. If no, apply it at booting and copy it to lastgood.conf as a backup file. If there are errors, the device will save it as startup-config-bad.conf and apply the existing lastgood.conf. If lastgood.conf still has errors, the…