-
Seriously, your ideas could be new feature for Security!
Hello Security Forum Members, Do you have moments that if your own thoughts or ideas can make better experience when using Zyxel security products? <3 We can make your wish come true! <3 Simply start a new post here describing your fabulous ideas for features or services you wish to have! Once your ideas get lots of vote ,…
-
2FA authentication by EMail
2FA authentication by EMail on FLEX H models allow 2FA authentication from other IP then the connecting VPN IP is from allow 2FA authentication by WAN
-
Console port compatibility with SH-RJ45A from DSD Tech
Hi to all the Zyxel folks reading this message, serial connection has been part of Zyxel devices I see for a long time… Zywall 2 Plus and Zywall 5 had a serial connection availabe, some with RS232 port some with an RJ45 port. Today, RJ45 console port is still on latest USG Flex lineup, and I think it's not going away soon.…
-
Please fix the settings below, they do not work as intended
Password renewal option every __ days, opting out this option does not work. Even if renew password is NOT enabled, the device still requires a new password for ALL users every 60 days- see pictures attached. Either you take out the click option because it does not work anyway, or you make it work 😊 This other option does…
-
DHCP and Secondary IP
It CAN be possible older models do it! when you do a routing rule incoming LAN next hop WAN 2 SNAT outgoing-interface which will be the the DHCP IP Or in my setup also incoming WAN to Secondary IP 192.168.254.1 Source Address 192.168.252.0/23 next hop WAN 2 SNAT outgoing-interface which will be the the DHCP IP with Static…
-
In WRR Trunk Load Balancing, add "Bind all sessions from one IP" option on H series Zywall
WRR distributes sessions among available WAN interfaces/lines. However, this may have an adverse effect if multiple sessions from the SAME client are spread among WAN interfaces, effectively showing different IP addresses from the different interfaces. Some sites/apps/services require more than one session to be open, and…
-
GitHub - Repository
Dear Team, I would like to propose the creation of an official GitHub repository for Zyxel, where scripts and solutions for specific use cases can be shared. Currently, there is a lack of repositories containing ready-made templates and scripts, similar to what competitors like Fortigate offer. The repository could…
-
2FA Login mask, 2 suggestions for log viewing
2FA Login Mask Browser login: entering username and password accepts ENTER and mouse click to continue. If 2FA is enabled, the next window with the 2FA code input does not accept enter but only mouse click to send/enter. One needs to grab again the mouse to hover over the button of send, this is annoying when there are…
-
Notification change: Abnormal tcp traffic detected, source port is zero, DROP
Is it possible to request a change to the log level for events such as: "Invalid TCP traffic detected, source port is zero, DROP" Lately I've been receiving notifications every 20 seconds and I can't hide them when viewing the logs. Support says there is currently no way to disable logging of these events. This is standard…
-
USG FLEX H series SSL VPN support push DNS domain suffix to SSL VPN client
User @Alex_91 requires USG FLEX H series SSL VPN support to push the DNS domain suffix to the SSL VPN client. If anyone likes this idea, please leave your comment and give it a vote! Original post
-
USG FLEX H SNAT to a pool of Internet addresses with two or more providers
Situation that providers provide subnets when connecting and there are several providers where traffic is balanced (backed up) is typical. In most (in all of my cases) large companies this scenario is used. Otherwise, if 500 clients come from one IP, there will be a guaranteed captcha and a ban in many services like…
-
USG FLEX H series - support user type 'ext-group-user'
User @p4_greg hopes the USG FLEX H series supports the user type 'ext-group-user', like the ZLD firewall. This use case is normally used to limit the VPN users to a specific Active Directory group. If anyone likes this idea, please leave your comment and give it a vote. Original post
-
SecuReporter dashboard display adjustment
User @GiuseppeR hopes SecuRepoter dashboard can display "traffic usage," "simple threats graph view," and "threat history". If anyone likes this idea, please leave your comment and give it a vote. Original post
-
VPN NAT Traversal when both USG are behind CGNAT with unpredictable source port
I'm not sure this will happen due to how it can only be done where by both ends are behind CGNAT with no incoming allowed and unpredictable source port mapping but here is one hell of a way to do it! Not 100% sure it would work. Here how port 500 Traversal would go then the same for 4500
-
USG FLEX H series support NetBIOS broadcast over SSL VPN tunnel function
User @Asgatlat hopes the USG FLEX H series can support NetBIOS broadcast over SSL VPN tunnel function as Zywall/USG FLEX/ATP series. Anyon likes this idea, please leave your comment and give it a vote. Original link
-
Flex H Series - 2FA Page with FQDN
Hello together We would like to have a possibility to assign an FQDN to the 2-FA page. However, this would require the internal DNS to be accessible before verifying with the 2-FA. The reason for our request is that we would like to store a certificate on the firewall so that the browser no longer displays the message that…
-
[USG FLEX H] Add counter on object page
User @PeterUK hopes to add a counter in FLEX H on the object page. Anyone likes this idea, please leave your comment below and give it a vote! Original post
-
[USG FLEX H] Retain Imported Certificates After Reset
@PeterUK proposes that imported certificates on USG FLEX H devices be retained even after a factory reset. This proposal follows an observation that, after resetting the USG FLEX 200H to default settings, all imported certificates are erased upon reboot. In contrast, ZLD devices retain certificates even after a reset,…
-
Enable Non-Wildcard FQDN for NAT Rules on USG FLEX H Series
@PeterUK proposes that the USG FLEX H series should allow the configuration of non-wildcard FQDNs in NAT rules. This feature would provide administrators with more precise control over traffic redirection, enabling configurations based on specific domain names for enhanced security and customization. This topic was raised…
-
Support FQDN for BWM on USG FLEX H Series
@PeterUK proposes that the USG FLEX H series should support adding Fully Qualified Domain Names (FQDN) to Bandwidth Management (BWM) rules. This feature would enhance flexibility in managing traffic by domain name rather than IP address, allowing for more targeted and effective bandwidth control. This topic was raised in…
-
Auto-Deletion of Configuration File Copies on USG FLEX H Firewall
@HUBERTKASPRZAK has proposed an idea for the USG FLEX H firewall to automatically delete the copy of configuration files after a specified time period. This suggestion was originally discussed in the forum thread below: Please help to give a vote or comment if you also like this idea.