Networking - Zyxel Community

How to Create a Guest Network on Nebula?
Question: How do I create a guest network on Nebula? Answer: To create a guest network on Nebula: Navigate to Site-wide > Configure > Firewall > Interface. Enable the Guest option. Once the guest network is enabled, clients connected to this interface will only have Internet access and will be restricted from accessing…
[ATP/FLEX] When WAN1 comes back online, why does the traffic continue to stay on WAN2?
Question: I have configured Weight Round Robin setting from Nebula firewall and also setup WAN2 interface as Backup interface. But why the traffic still keep on WAN2 interface even the WAN1 interface has fallback completely? Answer: The firewall will keep the old session on WAN2 interface until it has transmitted…
How to Configure NAT 1:1 Firewall on Nebula?
Question: How can I configure a NAT 1:1 firewall on Nebula? Answer: Go to Site-Wide > Configure > Firewall > NAT, and click Add to create a 1:1 NAT rule. Public IP: Wan interface IP LAN IP: The IP address of the LAN host Uplink : Wan1 or Wan2 Note: The public IP address used for NAT cannot be the same as the WAN interface…
How to Route Traffic from One LAN to the Internet via a Specific WAN?
Question: How can I route traffic from one LAN to the internet via a specific WAN? Answer: Navigate to Site-Wide > Configure > Firewall > Routing. Click Add to create a policy route. Source: Internal subnet or interface Destination: Any Type: Internet Traffic Next-Hop: External WAN interface
[ATP/FLEX] Why is Guest network on lan2 interface grayed out?
Question: I would like to turn on Guest network on lan2 interface but it is grayed out. How to turn it on? Answer: This is because this interface is using VPN in the site-to-site VPN. If you need to turn on Guest on the interface, disable VPN usage on this interface and you can turn on Guest on the interface.
[ATP/FLEX] How to configure IPv6 on Nebula firewall?
Question: How to configure IPv6 on wan and lan interfaces on Nebula firewall? Answer: Currently, Nebula firewall does not support IPv6. You can configure IPv6 on the firewall's web GUI and use Cloud Monitoring Mode to manage the device in Nebula.
How do I check the connectivity check failure log on the Nebula firewall?
uestion : Once the user configures the connectivity check the settings, as shown below: How to check the connectivity check failure log on the Nebula firewall? Answer : The user can navigate to Side-wide > Monitor > Firewall > Event log and select the Category to 'System' to search the historical log. For instance, if the…
[ATP/FLEX]Why NAT loopback does not work on USG FLEX/ATP Series?
Question: A user can access an internal website with Internal IP but not on WAN IP. How can this issue be resolved? Answer: It might be NAT loopback does not work as expected. Please ensure the Virutal server WAN address in setting page is bound to the public IP instead of Any. If you use "ANY", the Firewall will not…
Why am I unable to add a NAT rule with a specific port range?
Why am I unable to add a NAT rule with a specific port range? Question: Why can't I add a NAT rule for the port range 51000-52000 on my firewall? Answer: The issue arises because of overlapping port ranges in your existing NAT rules. Specifically, RuleX is already using the port range 49152-65535, which overlaps with the…
How to configure remote access to a PC via Nebula?
Question: I am trying to configure remote access to a PC via Nebula. How to configure on Nebula firewall? Answer: You can follow the guides in these FAQs to configure a NAT rule with RDP port 3389 on Nebula firewall. [ATP/FLEX] How to configure a NAT Rule (Virtual Server) on Nebula? [ATP/FLEX] How to configure a NAT rule…
How do I configure vlan to vlan communication on firewall?
Question: How do I configure vlan to vlan communication on firewall? Answer: Once vlan interfaces are created, they can communicate with each other because of the default implicit allow rule. You can add extra security policy rule (Deny, Source and Destination) to block traffic between vlan interfaces. If you just allow…
[ATP/FLEX] How to add virtual interface on Nebula firewall?
Question: How to add virtual interface on Nebula firewall? Answer: Nebula doesn't support virtual interface. If you need to add virtual interfaces on ATP/USG FLEX, you can switch the operation mode to Cloud Monitoring Mode. [ATP/FLEX] How to set up Nebula Monitor Mode? I want to use cloud monitoring mode, but what should I…
How do I check the DHCP-related settings of an interface using the CLI on a Nebula firewall?
Question : For troubleshooting purposes, the user may want to check the DHCP-related settings of an interface using the CLI on a Nebula firewall. This article will guide you on how to do that. Answer : Regarding this article: How do I check the interface-related settings using the CLI on a Nebula firewall? The user can use…
How do I check the interface related settings using the CLI on a Nebula firewall?
Question : For troubleshooting purposes, the user may want to check the interface-related settings using the CLI on a Nebula firewall. This article will guide you on how to do that. Answer : The user can navigate to Site-wide > Configure > Firewall > Interface to check the current interface settings. Additionally, the user…
How do I display clients from a specific subnet in the ARP table using the CLI on a Nebula firewall?
Question : How do I display clients from a specific subnet in the ARP table using the CLI on a Nebula firewall? Answer : The user may want to check the current clients from a specific subnet for troubleshooting purposes. They can use the CLI command show arp-table | match "subnet IP range" to do this. For example, the user…
How to check the DHCP IP assignment in the event log?
Scenario : For troubleshooting DHCP IP assignment issues, the user can use the event log to check whether the DHCP IP assignment was completed. Answer : Navigate to Site-wide > Monitor > Firewall > Event log > Choose the Category as DHCP, specify the time duration, and then search it, as shown below: The PC gets a DHCP IP…
How to configure an built-in AP on a firewall via Nebula Control Center?
Background Configuring built-in access points (AP) on Zyxel firewalls through the Nebula Control Center (NCC) differs slightly from configuring a Nebula access point. Understanding how to navigate these settings is essential to ensure your network runs smoothly and efficiently. Scenario An administrator encountered…
How do I execute SNAT for a specific WAN interface on a Nebula firewall?
Question : How do I execute SNAT for a specific WAN interface on a Nebula firewall? Answer : For instance, if the user wants to specify that LAN1 clients should use SNAT via WAN1 or WAN2, please navigate to Site-wide > Configure > Firewall > Routing to add a policy route. Choose WAN1 or WAN2 as the Next-Hop, as shown below:
Why Can't I Set an Unnumbered IP Address on USG FLEX500?
Question: I want to set an unnumbered IP address on the WAN interface of my USG FLEX500. How can I do this? Answer: It does not support unnumbered IP at current design.
How to route specific internal IP addresses via a virtual interface WAN1:1?
Question: On ATP/USG FLEX, you cannot select virtual wan interface as Next-Hop in policy route. How to route specific internal IP addresses via a virtual interface WAN1:1? Answer: To route specific internal IP addresses via a virtual interface WAN1:1 on your USG FLEX device, follow these steps: * Create a new address…

Welcome!

It looks like you're new here. Sign in or register to get started.