-
💬 Your Firewall Story Could Earn You $35 Across Two Platforms!
This discussion has been moved.
-
Secure Start with Zyxel x Tailscale 🎁 Get 6 Months of Tailscale VPN Free, Before Oct.!
This discussion has been moved.
-
[Trade-Up Program] 🔄 Time to Trade Up: Say Goodbye to Legacy USG, Hello to Next-Level Securi…
Time to Trade Up: Upgrade Your Legacy USG and Unlock a Powerful New Experience.
-
Add an additional program for remote access to the App Patrol list
Hello. I've encountered misuse of the meshagent.exe (MeshCentral) program on my network. Employees install the program without notification. The problem is that this program can be renamed and access different addresses on its server side. How can I block this program from running on the Zywall ATP 700? This program isn't…
-
Can't change EN password GS2220-28HP [FW V5.00(ABRR.2)]
I'm trying to use SSH cli on my switch. GS2220-28HP# enable Password: 1234 Warning: The enable password is default. Please change the enable password first. GS2220-28HP# enable password 12345 enable *password % Invalid input detected at '*' marker. GS2220-28HP# password %Invalid command "password"
-
Monitoring Mode not working on USG FLEX 500
Got a USG FLEX 500 that the Nebula Monitoring mode page seems to be bugged, as in it doesn't seem to functioning properly or accepting the ID that you give it. This happened a few months ago and I assumed this was a regular run of the mill bug that would get patched, but it still persists. Any ideas? I have a recording of…
-
USG Flex H series "no sooner than" roadmap for missing functions/features
Is their a roadmap for when the missing functions/features in release notes 1.10 might be finished ("no sooner than")? Of course there may be other items such as a config file converter, or a means to convert USG Flex licenses to series H. 50 functions/features or so no doubt means a small number of them will not perform…
-
Connect via SSL VPN as a user from the AD group (USG FLEX 700)
Can't connect via SSL VPN as a user from AD A local user is connecting via SSL VPN (userl). notice SSL VPN Failed login attempt to SSLVPN from http/https (incorrect password or inexistent username) [count=2] Testing user userp in: aaa group server ad dc01 - OK username sslVPN - OK My settings: ! model: USG FLEX 700 !…
-
IPv6 with pppoe
Hi I have an USG100, and got from the ISP following addresses. WAN: 2001.aaaa.b.cccc/64 and for LAN: 2001.aaaa.dddd/48 If I configure only the wan1_ppp with SLAAC, I get a valid ip and I can ping6 within the USG diagnostic as long the LAN interface is inactive. But if I activate the LAN interface the ping6 shows…
-
IPV6 on LAN1 with PPPoE (Deutsche Telekom)
Hallo, kennt jemand dem Ablauf, wie man das Einrichtet? SLAAC ist an allen Schnittstellen aktiviert, Prefix Delegation für WAN1_PPP scheint zu funktionieren... LAN1 ist ein Subnetz mit DHCP (IPV4), was ist noch zu tun, damit auch IPV6 läuft...
-
Security Policy Control Log
Hello, I have an USG FLEX 200H firewall, and I didnt find a way to make log from Security Policy Control events and save the log. The log in Log&Reports⇒Log/Events⇒System⇒Security Policy Control is very short in time range: 2-3 minutes long event list. Is there a way to make it longer and be saved or reported in email?…
-
personal agreement page has already error
-
SECUextender
-
Bridge DNS forwarding problem
VPN300 V5.37(ABFC.2) USG FLEX 200 V5.41(ABUI.0) So I think sadly nothing can be likely done for the VPN300 thats EOL but I might be able to workaround that but the problem happens on FLEX 200 so I be thankful if this could be fixed. The issue I'm seeing is I have a bind server with WAN IP does lookup from root servers you…
-
SSL VPN failed on macOS and Linux OS
Device: Zyxel USG FLEX 500 Firmware Version: (please insert your firmware version here) Service: SSL VPN Issue: SSL VPN is not working on macOS and Linux clients. The connection works normally on Windows using Zyxel SecuExtender, but macOS and Linux clients fail to establish the SSL VPN tunnel. Error messages: macOS:…
-
Setup Guide - IKEv2 VPN from Ubuntu 24.04 to an USGFLEX 200H
Here's a step-by-step installation and configuration guide for setting up an IKEv2 VPN client on a clean Ubuntu 24.04 system, using EAP-MS-CHAPv2 authentication and a split-tunnel configuration, with working ping to the Zyxel Firewall's LAN and internet preserved. The Zyxel USG FLEX configuration is identical to the one…
-
Problem with fine-grained CIDR notation (USG Flex 40)
The security policies seems to have a problem understanding CIDR notations from /27 and up (or is it down?). The case in hand is a number of servers in the 192.168.17.96 - 192.168.17.103 range, i.e. 192.168.17.96/29. But that doesn't work. Neither does 192.168.17.96/28, nor 192.168.17.96/27. I have to go all the way to /26…
-
USG Flex 500 doesn't connect to mail server
I recently moved from a Flex 100 to a Flex 500, and carefully (I hope) copied across all the settings. That all went fine, with one exception. We run a mail server called VPOP3. Mostly that just serves clients on the local net, but it should also serve external mail clients. To do that I've created a NAT rule which allows…
-
how to create vpn ssl with client openvpn
-
Is it possible to use Google Authenticator for VPN access - AD users ?
Is it possible to use Google Authenticator for VPN access (IKEv2/L2TP) when users authenticate via Active Directory ? (USG Flex 700)
-
Issues with built-in Wi-Fi and Guest VLAN after upgrading FLEX50W to firmware 5.41(ABAR.0)
Hi Folks, After upgrading the firmware of a ZyXEL FLEX50W to version 5.41(ABAR.0), the built-in wireless has become unstable. Additionally, the guest wireless network, which is associated with VLAN 9 and has a configured DHCP pool, no longer assigns valid IP addresses to wireless clients. Is there any patch or known fix…
-
ZyWALL USG20W-VPN - WLAN broke after V5.41(ABAR.0) upgrade
Hello, I upgrade from 5.40 to 5.41 and now my usual WLAN ssid does not work anymore. It keeps connecting / disconnecting. This happen from iPhone and from Arlo webcam. I tried to upload the 5.40 config file but problem remains. Also, strange fact: after logging in into 5.41 I get the error "wrong cli cmd…" but then…
-
EOL bug in VPN300 port group
VPN300 V5.37(ABFC.2) So not expecting this to be fixed just thought I share the problem. So this is the default each port is not shared or linked to another At one point I moved P6 to Ge3 so that P3 and P6 are under that interface all worked fine. Then I want to move P6 back to Ge6 which worked but firewall was allowing…
