Security Ideas - Zyxel Community

Change the port for SSL VPN
Change the port for SSL VPN so the SecuExtender can connect on another port other then 443.
Virtual firewall link to USG/Zywall/VPN
Had this idea for some time but didn't think it could work for devices going by a bridge until I worked out how that could be done. So let start with the setup LAN1 to OPT with no LAN1toOPT firewall rule but has LAN1toZyWALL allowed only. So heres the idea a software firewall by Zyxel on windows 10 that links to the…
Improve policy control for UTM Profile application patrol
This discussion was created from comments split from: Improve policy control for UTM Profile application patrol Description: In current design, policy control function can only drop specific applications and allow others in the rule. It is unable to: Allow specific Applications service but drop others. Click like if you…
Display message when website is blocked by IP Reputation Filter
This discussion was created from comments split from: IP Reputation Filter Description: Show a message to display when a site is blocked by the IP Reputation filter.
Why are there so many places to login to for ZyXEL information, support and firmware?
There are FAR too many places to login to for ZyXEL. * FTP (for some firmware versions, like managed switches and access points) * Portal aka MyZyxel (for other firmware versions - mostly USG) * Business Forum - requires login through portal * Zyxel Support Campus - separate login entirely * vars.zyxel.com (anyone else had…
How to enable firewall for MS Office and Teams(Other service block)
This discussion was created from comments split from: USG40: How to enable firewall for MS Office and Teams? Description: How to enable firewall for MS Office and Teams(Other service block)
Request New VPN2S USB Dongle compatibility List
This discussion was created from comments split from: VPN2S USB Dongle compatibility List: 5 years old? Description: Request the New VPN2S USB Dongle compatibility List
Secuextender GUI, notification about Service error
HiJust had a case when a customer can't conect to SSL VPN. At the logs, you see the cause for the problem. It's also easy to resolv, the service was set to manual by some "tewaking tool". Logfile [ 2020/04/20 09:30:05 ][SecuExtender Agent][DETAIL] Checking service (first) ... [ 2020/04/20 09:30:05 ][SecuExtender…
Comment filed for white/blacklist
This discussion was created from comments split from: Request: Comment filed for white/blacklist Description: Add the note on the whitelist
Feature Request, Zywall 110 FW V4.35(AAAA.3)
Hello, since Firmware V4.30(AAAA.0) my Zywall 110 is not able to open a Multi-Session Connection to a target while using more then one WAN-connection. With FW V4.30(AAAA.0) this is stil possible, after then a target has a binding to one of the WAN Connections only. So my request is to make it possible to select if the…
Publish ZYOS IPSEC, IKE L2TP, SSLm, Debug etc VPN Error codes and their Resolution
Hi Lads at Zyxel, I'd like to see a very technical reference document available to Zyxel customers that provides: A detailed list of VPN error messages and codes that is indexed and referenced for USG logging categories IKEm IPSEC, SSL, L2TP and Debug that contains reasonable and detailed EXPLANATIONS and straightforward…
Emergency codes for 2FA
Good day! Today, the failure of ViaNett for the SMS showed the vulnerability of the 2FA solution from Zyxel. IT is absolutely mandatory to have emergency codes at least for the administrator login. As implemented in the Nebula portal Zyxel should know the system of emergency codes. When can we expect to have a working 2FA…
Displayed log including mac address, timestamp and websites in a log file.
This discussion was created from comments split from:Log web history Description: To display users login websites log, including user MAC address, websites & timestamp.
ADP SYN, ACK flood from SYN
Theirs is no way to tell if a SYN is valid or not but lets say its not your server sends a SYN,ACK waits a bit if no replay sends another waits again till a RST is sent its a low DDoS bandwidth attack that can add up so what if the USG allow the first SYN,ACK but drops the others.
Display wireless related log on SecuReporter
This discussion was created from comments split from: suggestion new SecuReporter integration Description: Displayed AP Controller related log on SecuReporter
Hit count - security policy
Hello! Maybe it is possible to add a "hit count" to the security policy rules, to see the activity of a specific rule. BR, MJR
Optimize the email log report
This discussion was created from comments split from: is-it-possible-to-change-the-format-of-e-mailed-reports Description: Optimize the email log report.Considering to attach the log as a file in the mail attachment to avoid any kind of mail layout problem.
PCI Compliant
This discussion was created from comments split from: pci-compliant Description: To compatible with the PCI compliance, the SSL certificate validity need to re-authenticated more frequently.
Show IPSec VPN logged in user with certificate on IPSec VPN Monitor
This discussion was created from comments split from: USG310 - IPSEC Client & Certificate & Who is logged in Description: Currently we support related connection of IPSec VPN information on IPSec VPN Monitor, but do not support which user logged in IPSec VPN tunnel with certificate.
NAT to do ports to port
When making a NAT rule you select for port mapping type ports to port where you can set external start port e.g. 49142 and external end port e.g. 65535 to internal port e.g. 80

Welcome!

It looks like you're new here. Sign in or register to get started.