-
Recovery Steps for USG FLEX/ATP Series Application Patrol Signature Issue (Jan. 2025)
Symptom: The App Patrol signature release V1.0.0.20250123.0 may create parsing error on device for On-premises mode, application patrol daemon will not work well after updating this new signature though the rest of UTM features keep running. However, the worst case is that device may get stuck if device did rebooting…
-
[2025 April] SecuReporter Maintenance Announcement
Dear SecuReporter Users, We want to inform you that SecuReporter is currently offline for server upgrades. Our team is working hard to enhance the service and ensure a better experience for all users. However, SecuReporter will continue to receive logs from Zyxel devices during the maintenance, and all the latest data will…
-
Zyxel USG FLEX and ATP series – Upgrading your device and ALL credentials to avoid hackers' attack
Zyxel team has been tracking the recent activity of threat actors targeting Zyxel security appliances that were previously subject to vulnerabilities and admin passwords have not been changed since then. Users are advised to update ALL administrators accounts for optimal protection. Based on our investigation, the threat…
-
What's New: uOS1.30 Patch 1Firmware Update for USG FLEX H Series
This discussion has been moved.
-
What's New ZLD5.39
Enjoy stronger traffic control with a new CLI command to drop TCP SYN packets with data, faster filtering, and a fix for Chrome’s TLS 1.3 content filter bug. Update today for seamless protection. Zyxel is committed to continuously updating your devices for important maintenance information. This latest release also…
-
Important Reminder for your Content Filter Service
At Zyxel, we are committed to providing you with the most advanced and secure services possible. In line with this commitment, we continuously enhance our Content Filter service to ensure top-notch security detection from Trellix. To ensure your service running stable and efficiently, please upgrade firmware to the latest…
-
How to solve the issue "ZTP is already enabled" on VPN series?
Symptom: Unable to access the web GUI. Access the web GUI but the page "ZTP is already enabled" appears. The device is on-premises mode and never deployed using ZTP. Q1. What are the impact model and version for this issue? Affected model Affected version VPN50 5.00 through 5.36(ABHL2)C0 VPN100 5.00 through 5.36(ABFV.2)C0…
-
What should I do if the device failed to be upgraded to the latest firmware?
Please follow the procedure to upgrade the firmware Step 1. Make sure you have on-site local support that able to reach the device Step 2. Unplug all WAN connections. Step 3. Access the device via LAN IP. Step 4. Copy startup-config.conf to recover.conf. Download "recover.conf" to your PC. Step 5. Switch to standby…
-
I can't access the web UI of the USG FLEX 500 but it is working.
I can't access the web UI of the USG FLEX 500 but it is working. I've tried connecting to the other port and, I can Access the Web UI on that one. I try to restart the USG FLEX but still not able to visit the WEB UI. Last Friday we can still access it but now we can't, What should be the error?
-
When DNS Content Filter enabled company root domain won't forward to website
At two separate companies I manage, I changed their Zyxel FLEX router (current firmware) from using Web Content Filter to DNS Content Filter and things work well except the company root domains no longer forward to the company website. Say our company is example.com , normally when you enter that in a browser it forwards…
-
SCR50AXE sending internal ARP requests on WAN interface
Hello, I've just captured some traffic from the WAN interface of my SCR50AXE device. One thing seems very odd and that is that the device is sending ARP requests of internal VLANs on the WAN interface. Sending ARP requests on a completely different Subnet makes no sense in itself, but sending all ARP requests from all…
-
ZLD 5.x firmware development status
According to this page https://support.zyxel.eu/hc/en-us/articles/360005438274-Weekly-Firmware-Support-Version-Lab-Version latest pubblication of Lab Firmware for ZLD 5.x is dated november 2024, 1 month after 5.39P1, roughly 20 weeks ago. Is there a new way for access Lab Firmwares? Is Lab Firmware release suspended? Is…
-
USG40W - When entering a website (www.idrive.com) I get redirected to the firewall login
Hi, When trying to access the website www.idrive.com on any PC on the network the page gets redirected to the login screen for the USG40W. We found this issue when trying to get Cloud Replication (Backup) working on the iDrive BMR device. THe site *.idrive.com is listed as a Trusted website in the Content Filter. Larry
-
model vpn100 come fare port forwarding
-
Info configurazione 2 lan USG 50 Flex
ciao a tutti volevo chiedervi aiuto per una configurazione, ho un USG 50 flex con 2 server con 2 classi LAN diverse Server 1 DC con DB SQL su LAN 192.168.0.1 Server 2 WEB (IIS) su LAN 192.168.2.1 Devo far comunicare i 2 server, Tra le reti occorre tenere aperte le seguenti porte: Da internet a Server WEB (TCP) 443 Da…
-
Allow External IP on USG FLEX 100
Hello , I installed USG FLEX 100 to permit external access with my smartphone to view internal camera but doesn't work. I verified pubblic IP , NAT rule and Mac Address and all seems ok. But at the moment I can't view from smartphone (with APP ) . With previous Firewall USG 40 with same Pubblic IP and NAT works fine. I…
-
Attempt to login to USG50, Chrome reports ERR_SSL_VERSION_OR_CIPHER_MISMATCH
I would like to confirm that the USG50 can also be configured (using CLI or web interface) to increase its minimum security level so that current Google Chrome is satisfied. Additionally, would this change impact any existing security definitions for VPNs?
-
USG Flex 200 -- Help - Deferred UTM License
Help Setup my first USG Flex 200 last week…… Guides were semi-helpful….not a very intuitive product but I still got through the setup. While struggling with the setup, I learned that the Gold Pack does not include UTM. On Thursday 4/3/25 - Purchased a UTM license via Zyxel marketplace. Zyxel was able to take my money…
-
IPSec sessions on the firewall not terminated after a while of being idle?
I have the following scenario: I manually connect with a device (smartphone or notebook) and via IPSec VPN client (the ones generated by the USG-20W-VPN), StrongSwan resp. Win1x Client from outside. Now, when I take the device(s) again in WiFi range, they reconnect to the WiFi ergo the IPSec tunnel is not used anymore.…
-
VPN client-to-site settings for MacOS 15 (Sequoia)
Hi, I'm currently using these settings for a working VPN connection from Windows native clients: Gateway: - SA Lifetime: 86400 - Negotiation mode: Main - Proposal (enc/auth): 3DES/SHA1 - Key Group: DH2 Connection: - SA Lifetime: 3600 - Active Protocol: ESP - Encapsulation: Transport (L2TP/IPSec) or Tunnel (IKEv2) -…
-
USG flex100H WebIF über SSH aktivieren
Guten Tag! Kann mir bitte jemand sagen, wie ich das WebIF über SSH bei der USG flex100H wieder aktivieren kann. Für die USG 100 habe ich folgende Befehle gefunden, diese funktionieren bei mir leider nicht! "configure terminal" "no ip http secure-server auth-client" Vielen Dank im Voraus!
-
USG Lite 60AX DHCP Option 61?
Option 60 exists in the WAN interface but I need to set option 61 for my ISP in the UK (SKY).
-
Speedtest is not working on USG FLEX 100AX
Hi, I have an issue with the speedtest fonction on an USG FLEX 100AX. I have no server in the list to choose for the speedtest. If i choose my interface, the speedtest server switch to "auto". The result is "Can't get server list, please check your connection or specified source IP." whatever the choice i made. Can you…
-
Trouble with site to site VPN
Hello, I write becouse i have a trouble with a VPN site to site, I set the tunnel correctly with this scenario: Site A USG FLEX 50 with firmware 5.39 (STATIC IP) lan 1 10.1.10.X with many VLAN 192.168.10.X - 192.168.20.X … Site B (DYNAMIC PEERS WITH CGNAT) USG FLEX 200 lan 1 10.1.11.X with many VLAN 192.168.11.X -…
-
Why i am losing data packets in my ZyXEL USG40?
My ISP is Yota NICARAGUA (https://yota.com.ni/), i have 40Mbps acquired but i am losing data packet often. One part of devices use ethernet network, another part use Wifi network. The majority of devices using the Wifi network use the band 2.4GHz. One minority of devices use the band 5GHz. According to the ISP i am losing…
-
Windows Netwok Policy Server as Radius
We have a Flex 500 Zyxel firewall and a Windows 2019 Server on the system. The clients are remotely connecting to the network via L2TP VPN. We want to use the Windows Network Policy Server for Radius authentication on the firewall, but no matter what condition we specify in the NPS, in the Connection Request Policy, the…
-
Download library checksum
Hello everyone, went online to download a firmware and I noticed that the declared SHA is incorrect: As you can see there is SHA2 while it should be displayed SHA256
-
IKEv2 causes USG to crash
We’ve been running several USG devices (110 and 210) without issues for years. However, our USG110 recently started hanging every three days. By "hang," I mean it completely stops responding and becomes inaccessible by any means. To rule out hardware or configuration issues, we replaced it with a brand-new USG210 from…
