Security Ideas - Zyxel Community

Seriously, your ideas could be new feature for Security!
Hello Security Forum Members, Do you have moments that if your own thoughts or ideas can make better experience when using Zyxel security products? <3 We can make your wish come true! <3 Simply start a new post here describing your fabulous ideas for features or services you wish to have! Once your ideas get lots of vote ,…
USG FLEX H support more than one SSL VPN configuration
User @ITC_Sercop requires USG FLEX H supports more than one SSL VPN configuration since they need to create two user groups for SSL VPN (OpenVPN Client), one using split tunnel and one using full tunnel, but the GUI doesn't seem to allow it. Anyone also likes this idea, please leave your comment below and give this idea…
Configuration of embedded OpenVPN Server
We had the problem that we had to change the entire "OpenVPN Connect" connection configuration on all clients. However, support told us that we could change the server configuration to propagate the settings. But we had no way. I think it would be a good solution if we could change some custom directives, such as…
USG FLEX H BWM support QoS setting
User Matthew hopes USG FLEX H BWM can support QoS setting (802.1P Marking). Anyone who likes this idea, please feel free to leave your comment and give it a vote! Original post
More improvements to DDNS Backup Address
FLEX H models In some cases ARP to gateway may not fail causing DDNS not to failover to backup so if DDNS tries the Primary Address (plus Checking Public IP URL) and does not reply it should use Backup Address. DDNS uses whats listed in Trunk and does not use the Backup Address causing the IP to not update at DDNS end…
BWM supports to reserve bandwidth for SSLVPN
User @laloutrejoyeuse hopes USG FLEX H series can support BWM function that can reserve bandwidth for SSLVPN, like "SSLVPN zone" or SSLVPN object. Any one likes this idea, please leave your comment and give it a vote! Original link
how can you help me recover my admin password by @mail, I wanted zyxel to send me a recovery message
recovery password mail
Enabling User-Configured Two-Factor Authentication with Google Authenticator
In response to the requirements raised by user @Alex_91, we propose adding a feature that allows end users to set up Google Authenticator themselves. This suggestion originated from the discussion found here: 2FA - two factor authentication | Auto setting Authenticator — Zyxel Community If anyone likes this idea, please…
FLEX H BWM/interface limiting improvement
For the FLEX H to have the same BWM/interface limiting like on older models including interface limiting those per interface in a bridge and BWM interfaces that are in a bridge along with interfaces not in a bridge and the option: Router(config)# bwm control-tcp-ack Thanks
Notification change: Abnormal tcp traffic detected, source port is zero, DROP
Is it possible to request a change to the log level for events such as: "Invalid TCP traffic detected, source port is zero, DROP" Lately I've been receiving notifications every 20 seconds and I can't hide them when viewing the logs. Support says there is currently no way to disable logging of these events. This is standard…
Same VLAN for multiple SFP ports
Hi I came across a problem with our 700H firewall, it has 2 SFP+ ports but no way to add the same VLANs to both ports nor can we add a VLAN to a bridge interface. In our case it would be very handy to create 2 SFP uplinks to different switches that both need the same VLAN configuration. Right now we need connect the…
Support mDNS routing/relay on Zyxel firewall
User @GiuseppeR hopes Zyxel firewall can support mDNS routing/relay for AirPrint, Chromecasts, Spotify, etc. Application usage. Anyone likes this idea, please feel free to leave your comment and give this idea a vote~ Original post
Implementing BGP, RIP and OSPF features for H series
In response to the requirements raised by user @AMI, we propose the addition of features as BGP, RIP and OSPF features for H series. This suggestion originated from the discussion found here: Flex H Models Routing Protocols e.g. BGP — Zyxel Community If anyone likes this idea, please feel free to leave a comment or click…
The length of field for user name is too short and prevents use by e.g. Azure
If I go System→Notification-Mail Server you are limiting the user name field to 60 characters. The maximum length of an email address in Exchange is 571 characters (see Recipient resolution in Exchange Server | Microsoft Learn) and I am using one in Azure that is 81. Please can you urgently extend the field length
Wake on LAN /Wake on WAN
While we have the option to Shutdown the USGFlex, there is no Option to wake up the device. Like my router by sending a (protected) wake-Up request the ZyWall should start and become operational. This should be possible from the LAN but also from the WAn site (external access).
Flex H configure 'source port is zero DROP' logging
Hello, I have an USG Flex H 50 and I get a huge number of alert messages of the type: abnormal tcp traffic detected, source port is zero DROP I have not found any way to disable these logs and they are drowning the important stuff, as you can see on the screenshot. The firewall is already blocking this traffic and that's…
So much missing
having taken delivery of a 500H am surprised how much is missing that I had on my Flex 50. This is a very underwhelming piece of kit - especially given its cost. I read of a two year roadmap - Zyxel you need to accelerate this! I have used your products for years and rated them - am struggling to do that My two cents on…
Built-in ACME Client
As you know, CA/B Forum has voted to shorten validity period for SSL/TLS certificates. Current: Public SSL/TLS certificates currently have a maximum validity of 13 months (approximately 398 days). Upcoming Changes: 2026: Maximum validity will be reduced to 200 days. 2027: Maximum validity will be further reduced to 100…
Wireguard?
WireGuard® is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography.It aims to be faster, simpler, leaner, and more useful than IPSec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running…
USG Lite 60AX DHCP Option 61
User @too_many_accounts need USG Lite 60AX to support DHCP Option 61 for his ISP in the UK (SKY). Anyone who also needs this option, please leave your comment and give it a vote. Original post
FWA710 SMS/text message feature
Hello, II would love to see SIM card SMS/text message receiving feature in the mobile outdoor router series. Or SIM card text message readout. And notification via Nebula when received. Reason : From time to time our ISP sends text message for network maintenance work and planned downtime or other important messages from…

Welcome!

It looks like you're new here. Sign in or register to get started.