-
Download library checksum
Hello everyone, went online to download a firmware and I noticed that the declared SHA is incorrect: As you can see there is SHA2 while it should be displayed SHA256
-
UDP port 4500 sometime get blocked when allowed over bridge V2
So still happing this problem turns out was not the LAG bridge setup as I now have two port bridge on VPN300 but the only way to fix is to clear the NATT session in this case from 82.132.220.254 which UDP 4500 comes in on one interface of the bridge and does not send out the other interface until session is cleared then it…
-
USG 200 Flex Manuals
Hi Zyxel support. I have some questions for you but I will start with most important. I have ordered a new USG 200 Flex since my older USG 60 have got obsolete. To prepare my self for this new unit I would like to get hold on some good manuals where I can read good explained details of how to set this up with the features…
-
abnormal tcp traffic detected, source port is zero, DROP
For several weeks now, I have been seeing repeated log entries on multiple Zyxel firewalls (Flex 700 & 100, USG110, ATP200) related to abnormal TCP traffic from the same Bulgarian IP addresses. Based on my research, including responses from Zyxel, these log entries appear to be necessary for the devices to remain licensed.…
-
Ethernet activity LED not working
An ATP500 that I am responsible for managing has been affected by the "Application Signature Issue on January 24th 2025". After performing the firmware restore procedure that resolved the issue, I noticed that the activity LED stopped working. My question is whether this change was planned or is it something to be resolved?
-
usg flex 700 traffic randomly swapping outgoing interface
I have a USG Flex 700, that look to be randomly swapping the wan interface that it tries to route traffic thru, some times it goes thru the right port others it does not, tho only from one network and seemingly not to every destination ip, i have been going thru the configuration to see if i could find anything about a…
-
ATP 500 - Random Reboot
Hi, My ATP 500 frequently restarts several times a day. Apparently for no reason. From the System Log you can clearly see it. Of course, each time the network is interrupted for 3-5 minutes. Any idea what the reason is? Thanks D.
-
App Patrol allowing Specific hosts on Blocked Applications
Hello, We are currently configuring a ZyWALL FLEX100 and need help implementing a policy with the following requirements: Block access to all hosts: • Movies and TV series platforms • Online games • YouTube • Social media (except for host1 - IP 192.168.1.21) • Online radio, TV and Spotify (except for host2 - IP…
-
How can I turn off logging of URL Threat Filter allowed list items?
Configuration > Security Service > Reputation Filter > Allow List tab When I add sites to the Allow list and check the box to Enable Allow List, I then get log entries for items on the allow list in the System Log. I have URL blocking set to block and log set to log. I only want to see items in the System Log when they are…
-
DNS Query over IPSec VPN with Content filter
Hi We have two sites that are connected with IPSec. We send all DNS requests from site A to site B, the DNS server on site B is a USG Flex Firewall. My problem is that all DNS responses for site A are unfiltered. Is it possible to use the DNS content filter for the for the DNS Request coming from Site B? Thanks for your…
-
USG LITE 60AX vlan firewalling
Hello, just a quick question: Does the USG LITE 60AX support firewall rules between vlans that are on the lan side of the device other than then the toggle for "Guest Network"? I know that the SCR 50AX can't do that, because I have a SCR 50AX and I have tried and there was also a question about this on the forum. But I…
-
zywall atp100w - external captive + radius
Hi all. I really need help from the community on setting up zywall atp100w. I read a lot of information on setting up, but I still couldn’t set it up correctly. Task: I have an atp100w router on which an open wifi network is configured on LAN1. Internet access is configured via WAN. NAT is configured. Wifi users access the…
-
Transfer services from USG40 to USG50 Flex
Hello everyone How can I transfer some active services related to my old USG firewall to the new one? Example: Content Filter SecuReporter If I try from the zyxel portal it tells me there are no compatible products Thanks for your help Regards F.
-
L2TP over IPSec Client (iOS, Windows, Android)
Hello all via wizard i configured the vpn in subject. I can connect I can see in the zyxel monitoring my vpn session with the Mac, but unfortunately I can't access or ping the local resources. USG50 FLEX WAN 192.168.1.200/255.255.255.0 L2TP IP Address Pool RANGE, 192.168.1.30-192.168.1.35 LAN1 IP 10.10.10.33 Can someone…
-
Default DNS servers
On my Zywall USG Flex 200 I have 2 WANs active. Both WANs got different DNS servers assigned via DHCP. The assigned DNS servers were automaticly added under 'System-DNS' with Domain Zone '*'. My question: Is it possible to prevent the automatic assignment of e.g. WAN2?
-
USGFLEX 200H - VPN IPSec Remote Access Local Network
Hello, [USG FLEX 200H] We use IPSec VPN to provide remote access to two local networks (192.168.100.0/24 & 192.168.106.0/24) The only way we found to authorize access to these two networks is using a larger subnet : But that's not clean. Is there a way to authorize only two separate networks and not all the range ? Thank…
-
Why do we need a static route for accessing remote RADIUS on USG?
When we setup an authentication through the tunnel, e.g. on remote RADIUS we should specify a static route to a remote subnet. For example, as explained here: https://support.zyxel.eu/hc/en-us/articles/360001475219-VPN-Configure-User-Authentication-through-a-Remote-VPN-Site#1-configure-site-a-usg-firewall-1 It works but my…
-
USG FLEX series and SSL VPN compatibility
Hi, Does the USG FLEX (non-H) series support SSL VPN with the latest firmware? I know the client has been discontinued, but I would like to know whether these firewalls still support it? The specs do not mention SSL VPN anywhere, however the manuals do have a chapter dedicated to SSL VPN configuration. If yes, can someone…
-
NAT from local network to Site-To-Site tunnel?
Hi! I have a scenario, where 3rd party has public and internal IP-address for a FQDN. We have site-to-site tunnel between our and their local networks. Is there a correct way to do NAT for cases, when if our computer in local network resolves incorrectly FQDN to 3rd party's public IP instead of local IP where we want to…
-
How To Add FQDN fo Viber and Wechat in ATP 700
I already added FQDN for Viber app but can not connect. I want to setup to allow Viber and Wechat for user
