-
Recovery Steps for USG FLEX/ATP Series Application Patrol Signature Issue (Jan. 2025)
Symptom: The App Patrol signature release V1.0.0.20250123.0 may create parsing error on device for On-premises mode, application patrol daemon will not work well after updating this new signature though the rest of UTM features keep running. However, the worst case is that device may get stuck if device did rebooting…
-
Zyxel USG FLEX and ATP series – Upgrading your device and ALL credentials to avoid hackers' attack
Zyxel team has been tracking the recent activity of threat actors targeting Zyxel security appliances that were previously subject to vulnerabilities and admin passwords have not been changed since then. Users are advised to update ALL administrators accounts for optimal protection. Based on our investigation, the threat…
-
Important Reminder for your Content Filter Service
At Zyxel, we are committed to providing you with the most advanced and secure services possible. In line with this commitment, we continuously enhance our Content Filter service to ensure top-notch security detection from Trellix. To ensure your service running stable and efficiently, please upgrade firmware to the latest…
-
How to solve the issue "ZTP is already enabled" on VPN series?
Symptom: Unable to access the web GUI. Access the web GUI but the page "ZTP is already enabled" appears. The device is on-premises mode and never deployed using ZTP. Q1. What are the impact model and version for this issue? Affected model Affected version VPN50 5.00 through 5.36(ABHL2)C0 VPN100 5.00 through 5.36(ABFV.2)C0…
-
What should I do if the device failed to be upgraded to the latest firmware?
Please follow the procedure to upgrade the firmware Step 1. Make sure you have on-site local support that able to reach the device Step 2. Unplug all WAN connections. Step 3. Access the device via LAN IP. Step 4. Copy startup-config.conf to recover.conf. Download "recover.conf" to your PC. Step 5. Switch to standby…
-
VPN100 IPSec VPN Issue
I have a Zyxel VPN100 and trying to get an IPSec VPN tunnel established with another device on another network It gets through phase 1 and phase2 and says the tunnel is built successfully. But then it always says IKE SA is disconnected and the tunnel collapses The VPN100 is behind another router that is not in bridge mode…
-
Usg flex h with build in wifi
I was wondering if there will be an model of the flex h series with build in WiFi. There is an flex 100 ax, but i think in 2030 this will eol?
-
Locked out of admin account on USG FLEX 100W
Hi, I have been having a running battle with a USG FLEX 100W for over a year now. I keep getting locked out of the admin account after a period of time. This is despite repeatedly resetting and re-configuring the device on a couple of occasions. Typically, I would factory reset the device, reconfigure from scratch, set the…
-
Application patrol: "Media Streaming" and google app
we have an issue with application patrol that when we reject "Media Streaming" services like google drive, google docs, google forms are blocked. I cant find which of the "Media "Streaming" item is related to that, you can help me? Those google apps are only blocked when we block "Media Streaming", otherwise the work well.
-
Zyxell ZyWall 110
Hello, I am the owner of ZyWall 110, which has been purchased second-hand. It is registered to my ZyXell account and has been updated. The device is located at the entrance of my network, where I have proxmox and QNAP servers. My primary question is how to configure LT2P and SSL VPN connections to my servers. I do not have…
-
H-serie firewall v1.32(ACLP.0), Gui Object-Schedule creation not possible. What is wrong?
I want to create a schedule plan to disable internet access on WAN port and to disable power on the poe port for energy savings during night hours. The stop time (05:30Hr) is later as the start time (00:30hr) on the same day. I failed to create a recurring schedule object in gui, by getting an error message. Entering the…
-
Zyxel SCR50AXE change the MAC on WAN port.
Hello, how do I change the MAC address on the WAN port of the Zyxel SCR50AXE ?
-
Attempt to login to USG50, Chrome reports ERR_SSL_VERSION_OR_CIPHER_MISMATCH
I would like to confirm that the USG50 can also be configured (using CLI or web interface) to increase its minimum security level so that current Google Chrome is satisfied. Additionally, would this change impact any existing security definitions for VPNs?
-
BGP dual wan configuration
Hello I need help setting up BGP for 2 providers at Zyxel atp200
-
USG Flex 200 -- Help - Deferred UTM License
Help Setup my first USG Flex 200 last week…… Guides were semi-helpful….not a very intuitive product but I still got through the setup. While struggling with the setup, I learned that the Gold Pack does not include UTM. On Thursday 4/3/25 - Purchased a UTM license via Zyxel marketplace. Zyxel was able to take my money…
-
I can't access the web UI of the USG FLEX 500 but it is working.
I can't access the web UI of the USG FLEX 500 but it is working. I've tried connecting to the other port and, I can Access the Web UI on that one. I try to restart the USG FLEX but still not able to visit the WEB UI. Last Friday we can still access it but now we can't, What should be the error?
-
VPN Connection Issue
Hi all, I'm wandering around a client-to-site VPN access issue. Scenario: HQ USG310 (will be be replaced with 500H) with IKE2 with cert. client-to-site VPN and about 40 remote clients. Some of them have strange connection issues "seemingly" related to the internet connection. I took a couple of laptops and phones from the…
-
How can I transfer settings from USG Flex 100 to Flex 500
Hi, I'm upgrading from a Flex 100 to a Flex 500. There are a lot of settings and data in the Flex 100, and rather than have to re-enter all of them into the 500 I'm looking for a utility which can automate at least part of the process. Is there any tool available to help with this, please? David
-
Moving Configuration between different models
I have now some ZyWALL 310 I wish to upgrade to a newer model. Can I move the configuration to the new firewall, probably a USGFLEX, or do I need to rewrite it from scratch ?
-
SCR50AXE sending internal ARP requests on WAN interface
Hello, I've just captured some traffic from the WAN interface of my SCR50AXE device. One thing seems very odd and that is that the device is sending ARP requests of internal VLANs on the WAN interface. Sending ARP requests on a completely different Subnet makes no sense in itself, but sending all ARP requests from all…
-
When DNS Content Filter enabled company root domain won't forward to website
At two separate companies I manage, I changed their Zyxel FLEX router (current firmware) from using Web Content Filter to DNS Content Filter and things work well except the company root domains no longer forward to the company website. Say our company is example.com , normally when you enter that in a browser it forwards…
-
ZLD 5.x firmware development status
According to this page https://support.zyxel.eu/hc/en-us/articles/360005438274-Weekly-Firmware-Support-Version-Lab-Version latest pubblication of Lab Firmware for ZLD 5.x is dated november 2024, 1 month after 5.39P1, roughly 20 weeks ago. Is there a new way for access Lab Firmwares? Is Lab Firmware release suspended? Is…
-
USG40W - When entering a website (www.idrive.com) I get redirected to the firewall login
Hi, When trying to access the website www.idrive.com on any PC on the network the page gets redirected to the login screen for the USG40W. We found this issue when trying to get Cloud Replication (Backup) working on the iDrive BMR device. THe site *.idrive.com is listed as a Trusted website in the Content Filter. Larry
-
model vpn100 come fare port forwarding
-
Info configurazione 2 lan USG 50 Flex
ciao a tutti volevo chiedervi aiuto per una configurazione, ho un USG 50 flex con 2 server con 2 classi LAN diverse Server 1 DC con DB SQL su LAN 192.168.0.1 Server 2 WEB (IIS) su LAN 192.168.2.1 Devo far comunicare i 2 server, Tra le reti occorre tenere aperte le seguenti porte: Da internet a Server WEB (TCP) 443 Da…
