-
How to check the DHCP IP assignment in the event log?
Scenario : For troubleshooting DHCP IP assignment issues, the user can use the event log to check whether the DHCP IP assignment was completed. Answer : Navigate to Site-wide > Monitor > Firewall > Event log > Choose the Category as DHCP, specify the time duration, and then search it, as shown below: The PC gets a DHCP IP…
-
How to configure an built-in AP on a firewall via Nebula Control Center?
Background Configuring built-in access points (AP) on Zyxel firewalls through the Nebula Control Center (NCC) differs slightly from configuring a Nebula access point. Understanding how to navigate these settings is essential to ensure your network runs smoothly and efficiently. Scenario An administrator encountered…
-
How do I execute SNAT for a specific WAN interface on a Nebula firewall?
Question : How do I execute SNAT for a specific WAN interface on a Nebula firewall? Answer : For instance, if the user wants to specify that LAN1 clients should use SNAT via WAN1 or WAN2, please navigate to Site-wide > Configure > Firewall > Routing to add a policy route. Choose WAN1 or WAN2 as the Next-Hop, as shown below:
-
Why Can't I Set an Unnumbered IP Address on USG FLEX500?
Question: I want to set an unnumbered IP address on the WAN interface of my USG FLEX500. How can I do this? Answer: It does not support unnumbered IP at current design.
-
How to route specific internal IP addresses via a virtual interface WAN1:1?
Question: On ATP/USG FLEX, you cannot select virtual wan interface as Next-Hop in policy route. How to route specific internal IP addresses via a virtual interface WAN1:1? Answer: To route specific internal IP addresses via a virtual interface WAN1:1 on your USG FLEX device, follow these steps: * Create a new address…
-
How to Bind a Second IP Address via CLI on Zyxel Devices
How to Bind a Second IP Address via CLI on Zyxel Devices Question: How can I bind a second IP address on my Zyxel USG FLEX500 router? Answer: If you need to add a second IP address on your Zyxel USG FLEX500 router, you can use the CLI (Command Line Interface). This method allows you to manually configure the second IP…
-
How to Bind a Second IP Address via CLI on Zyxel Devices
How to Bind a Second IP Address via CLI on Zyxel Devices Question: How can I bind a second IP address on my Zyxel USG FLEX500 router? Answer: If you need to add a second IP address on your Zyxel USG FLEX500 router, you can use the CLI (Command Line Interface). This method allows you to manually configure the second IP…
-
How to Bind a Second IP Address via CLI on Zyxel Devices
How to Bind a Second IP Address via CLI on Zyxel Devices Question: How can I bind a second IP address on my Zyxel USG FLEX500 router? Answer: If you need to add a second IP address on your Zyxel USG FLEX500 router, you can use the CLI (Command Line Interface). This method allows you to manually configure the second IP…
-
[ATP/FLEX] How do I allow a specific lan client to access the device on a Nebula firewall?
Scenario : How do I allow a specific IP address to access the device on a Nebula firewall? Answer : For instance, if a user wants to allow the IP address 192.168.1.33 to access the firewall and deny other clients from accessing it, please refer to the steps below to set it up STEP1. Please navigate to Site-wide > Configure…
-
[ATP/FLEX] Does the Nebula firewall support IP/MAC Binding feature?
Question : If an on-premise firewall user switches to a Nebula firewall, does the Nebula firewall support the IP/MAC Binding feature like the on-premise firewall? Answer : Yes, the user can navigate to Site-wide > Configure > Firewall > Interfaces > lan interface > Static DHCP table to add it. Please refer tot this FAQ :…
-
[ATP/FLEX] How do I add multiple IP addresses to one wan interface?
Question: How do I add multiple IP addresses to one wan interface? Answer: Currently, firewall on Nebula mode doesn't support virtual interface.
-
[ATP/FLEX] Is it possible to disable a allow rule security policy in nebula?
Question: Is it possible to disable a allow rule security policy in nebula? Answer: To disable an allow rule in Nebula's security policy, navigate to Configure > Firewall > Security policy. You can then disable the specific allow rule you want to modify. Note: "Implicit allow rules" can not be disabled.
-
[ATP/FLEX] Why the firewall cannot access the Nebula in Monitor Mode again?
Scenario : The user may encounter a situation where, after removing the device (in Monitor Mode) from the org and adding it to the license & inventory again, the device still cannot be online in Monitor Mode on Nebula. What is the possible reason, and how can this be resolved?" Answer : The possible reason is that the user…
-
How to Configure VLAN to Access Internet but Isolate from Other VLANs
Question: How can I configure VLAN interface to access the Internet but prevent it from accessing other VLANs? Answer: * testvlan can access Internet * testvlan cannot access other internal subnets To achieve this configuration for VLAN interface, follow these steps. You don't need to create extra security policy rules. 1.…
-
How to limit the traffic for accessing youtube?
Scenario: Youtube consumes my bandwidth the most, how can I limit the traffic? Answer: Go to Site-wide > Configure > Firewall > Routing, add a Traffic Shaping Rule. Select Application as Service, and select Youtube. Enable Traffic Shaping, and give it values for download and upload limit.
-
Can I set up concurrent band mode for my USG20W-VPN?
Scenario: I have a USG20W-VPN, and I want to launch both 2.4G and 5G band mode with same SSID, is it possible? Answer: No, USG20W-VPN does not support this option. You only can select 2.4G or 5G, concurrent band mode is not available.
-
Is it possible to configure the LAN on a Nebula firewall to go out via a different public IP?
Question: Is it possible to configure the LAN on a Nebula firewall to go out via a different public IP? Answer: The current Nebula mode firewall doesn't support forcing client SNAT with a different public IP directly. You need to configure your firewall in on-premise mode or cloud monitoring mode to achieve this.
-
How to check the most used websites?
Question: How to check the most used websites? Answer: We can check the website usage on SecuReporter. Go to SecuReporter > Analysis > Network Activity > Web Content Filter, and scroll down to the button of the page, you can see two sections. Blocked Website Access History Allowed Website Access History With these two…
-
Guest WiFi is not working. It's connected but no internet access, do you know why?
Question: Guest WiFi is not working. It's connected but no internet access, do you know why? Answer: Go to Configure > Access points > SSID advanced settings > Advanced settings > Layer 2 isolation, enable Layer 2 isolation, and add the DNS server's MAC address to the white list, next to the gateway's MAC address. It…
-
How many NAT rules can I add on Nebula firewall?
Question: How many NAT rules can I add on Nebula firewall? Answer: USG FLEX 100(W): 50 USG FLEX 200: 50 USG FLEX 500: 100 USG FLEX 700: 200 USG FLEX 50: 50 ATP100(W): 50 ATP200: 50: 100 ATP500: 100 ATP700: 200 ATP800: 200 USG FLEX 50AX: 50