Networking - Zyxel Community

Can VLAN added to Bridge interface?
Question: Can VLAN added to Bridge interface? Answer: Yes, VLAN interface can be added to Bridge interface
Why can't access CCTV using public IP when connecting internal WiFi?
Question: Why can't access CCTV using public IP when connecting internal WiFi? Answer: This common scenario occurs when the NAT rule does not enable NAY loopback. NAT Loopback allows internal network devices to access other internal devices using the external public IP address of the firewall, which is typically used for…
The Secure Policy Rule with User Field does not work
Question: The Secure Policy Rule with User Field does not work Answer: Root Cause: The firewall has duplicated user groups ID. When a user attempts to authenticate, the firewall becomes confused about which specific group the user belongs to, leading it to apply an incorrect policy rule. Resolution: To resolve this issue,…
What Country Code is used for build-in AP
Question: How to check the current Country Code for a built-in AP? Answer: To check the current country code of a built-in AP, you can use the following command: show wlan-radio-profile all | match "Country" This command will display the country code that is currently in use by your AP.
Why I access our e-commerce site management platform, it redirects to the login page?
The redirect to login page could be because: Your PC can't save the cookie/cache that cause your server can't recognize your login session. Your firewall is using dual WAN. For the firewall part, you can set a policy route with fixed outgoing interface.
Why can't I set a WAN interface to 0.0.0.0 on ATP/USG FLEX firewall?
Question: Why can't I set a WAN interface to 0.0.0.0 on ATP/USG FLEX firewall? I encountered an issue while setting PPPoE on an USG FLEX firewall. I tried to configure the WAN interface with IP: 0.0.0.0 and mask: 0.0.0.0. However, the setting appeared problematic. Answer: The issue will be resolved in the next official…
How to Enable AirPrint (mDNS) Between Two LANs?
Question: Can AirPrint (mDNS) be used between two LANs with the USG ATP/FLEX ? Answer: * AirPrint or mDNS relies on multicast, but the USG FLEX 200 only supports IGMP proxy for LAN-to-WAN scenarios. It does not provide mDNS or Bonjour proxy or repeater functionality.
Why traffic did not blocked with IP/MAC Binding enabled?
Question: Why is it that a device not listed in the IP/MAC binding is still able to receive an IP and access the network?Answer: The IP/MAC Binding feature works as follows: - A client will be blocked if it uses a static IP address listed in the binding table but its MAC address is not listed. - A client will also be…
How to troubleshoot DHCP issue on ATP/FLEX series?
Question: Why the clients can't obtain IP address from DHCP Answer: 1)Please log in Firewall by SSH. 2)Check the dhcpd process is running. (You can verify the ethX mapping by CLI "Router> debug system ip addr") 3)Check the bootp process is well through packet-trace. Firewall 192.168.2.1 reply DHCP request in following…
Why is the last access time of the DHCP table the same?
Question: Why is the last access time of the DHCP table the same? As shown below, the Last Access time was 2025-02-07 09:32:11. Answer: The firewall checks the Last Access time of the DHCP client every 300 seconds. Once this procedure is completed, it generates the Last Access time records in the DHCP table. This is why…
What is the meaning of the Check Period value for the WAN Connectivity Check?
Question: What is the meaning of the Check Period value for the WAN Connectivity Check? Answer: It represents the time, in seconds, between each connectivity check performed by the firewall. For instance, the USG Flex 100 will perform the WAN connectivity check every 30 seconds. This means there will be ping checks…
What is the meaning of the Check Timeout value for the WAN Connectivity Check?
Question: What is the meaning of the Check Timeout value for the WAN Connectivity Check? Answer: It represents the time, in seconds, that the firewall will wait to determine whether the connectivity check is successful. If the connectivity check fails, the user should investigate why the WAN connectivity is not functioning…
When WAN1 comes back online, why does the traffic continue to stay on WAN2?
Question: I have setup WAN1 as Active mode and WAN2 as Passive mode in trunk setting. But why the traffic still keep on WAN2 interface even the WAN1 interface has faillback completely? Answer: If you would like to disconnect all of the exist sessions from WAN2 when WAN1 interface has fallback completely, then you can…
Why is the DHCP option not working?
Question: The user has configured the DHCP option with option code 132, but the DHCP option is not working. Why is the DHCP option not functioning? Answer: The possible reason is that when the client initiates the DHCP Discover, it doesn't include DHCP option 132. Please ensure that the DHCP Discover message includes DHCP…
Why is the firewall blocking broadcast traffic from LAN?
Question: How can I unlock broadcast traffic? Why is the firewall blocking broadcast traffic from LAN Answer: The firewall blocking broadcast traffic from LAN may be due to security policy settings, you can modify the firewall rules. Steps to Allow Broadcast Traffic: * Log in to your ZyWALL firewall management interface. *…
Why can't the SFP LAN interface assign a DHCP IP normally?
Question: The user may face an issue where the SFP interface is set as an internal LAN zone port, but it fails to assign a DHCP IP to the host client. What could be the possible reason, and how can this problem be resolved? Answer: The possible reason why the SFP interface fails to assign a DHCP IP to the host client is…
A Complete Configuration Guide to IP/MAC Binding
Introduction IP/MAC binding is a powerful tool in network security, allowing only authorised devices to access the network. This feature, configurable through a firewall, provides network administrators with better control and visibility over connected devices, helping to safeguard the network from unauthorised access.…
Is it possible to configure and advertise a default route through OSPF?
Question: Is it possible to configure and advertise default route through OSPF (not only static routes)? Answer: "Advertise default route through OSPF" is not supported on ATP/USG FLEX series.
How can I configure DHCP option 242 on my firewall?
I have IP phones requires to get SIP information from remote HTTP server, so it requires to get HTTP server information by DHCP option 242. How can I setup it in DHCP Extended Options? (1) Navigate to the DHCP server configuration section. (2) Create an extended option with the following details: - Code: 242 - Type: TEXT -…
How to use the Geo-IP feature?
Background In today's increasingly interconnected world, ensuring network security is paramount. One effective method is to block internet traffic from specific geographic locations known for high levels of malicious activity. Zyxel’s Geo-IP feature, introduced from firmware version 4.20, allows administrators to restrict…

Welcome!

It looks like you're new here. Sign in or register to get started.