-
"network client" interface in "Easy Mode" not working (USG40W) - bug
when logged into the USG40W, and when in easy mode, if I click in the window "network client" on the "menu" icon (upper right corner, see image below), then it starts saying "loading" and nothing happens (forever). See image below: I have to reload the page in the browser, to get rid of the "loading" sign (otherwise I am…
-
IPSec VPN certificate expires soon- how do I (re)create a valid certificate directly on the USG?
I have an USG20W-VPN firewall. My IPSec VPN certificate will expire soon. How do I create a valid new certificate for the VPN part? I have seen the instructions when using Nebula, I do not use that. How can I do that directly on the firewall? Thank you.
-
User can't login with Firmware 5.40
Updated firmware this morning and since then users authenticated by ad can't login. I've tested the ad connection and everything is fine. During logon the ad log show that the user has been successfully logged in, but the Zyxel USG Flex 700 login page just shows login denied. Login with a local user is working. Tried to…
-
How to route router (fw) traffic via LAN IP to IPsec VPN.
Hello, I have a IPsec tunnel between Zyxel USG Flex 100 and Fortigate 301E, everything works fine but one thing. I need to send Zyxel syslogs to device at Fortigate network. When I try to ping in zyxel console the device the ping fails. When I specify Zyxel's LAN1 IP as a source it works. So in default the zyxel uses WAN…
-
Cannot send mail to two-factor authentication for SSL VPN
Hi, I would like to use two-factor authentication for SSL VPN access but from the logs I see this error and I can't understand what I should do. Thanks Max
-
ZyWALL SecuExtender end of life. How connect to VPN?
Hello we have a USG FLEX 200, how can i connect to vpn without pay a license for it? For example fortinet give a client (forticlient) for free and update it Thanks
-
USG Flex 200H: ipsec vpn - peer gateway BACKUP address
I have a question. On our old USG 310, we were able to set up a primary and a secondary IP address for the IPSEC VPN "peer gateway address." It's now missing, and I don't know why. Is there another solution for a fallback? I couldn't find. Thank you for your help!
-
USG 20 VPN it freezes, the vpn stops working
I have a site-to-site configuration in location A there is USG 20 in location B USG 20 After about 24-48 hours of work, the USG20 hangs in location A and B. The VPN stops working, you can't log in to the USG 20 in location A and B. (but the login page shows up but doesn't log in), but the internet still works, as does the…
-
Change certificate of a managed AP?
Is it possible to add a new certificate to a AP (WAX650S) managed by a USGFlex200? When I'm connecting direct to the AP, I will get a “not secure” message of the browser. I have added the cert and give the rights, but the browser says: This server could not prove that it is 192.168.xxx.xxx. Its security certificate is from…
-
USG FLEX 500 behind other firewall - no IPV6 routing
Hi, I´m trying to set up my USG Flex 500 that is situated behind an OPNsense firewall. I went through several manuals and tutorials but I couldn´t figure out how to set it up right. The ISP is providing Dual Stack (shared IPv4 + IPv6). The OPNsense is used to provide internet for 2 seperate company branches. Branch 1…
-
Migrated to Flex 500, but having problem with sending email from mail server to GMAIL addresses
Hi, we have migrated our working firewall from USG310 to new Flex 500 and we are using internal Mail Server. If we use old USG310 instead everything works fine without any problems even to GMAIL addresses and MXToolBox gives green light on all of their tests. Also we have added to our DNS records everything that Google…
-
ZyWall110 to ATP200 conversion
Hello, I have to replace the Firewall at a customer. He is using a Zywall110 with many different settings. The conversion tool can not convert from Zywall110 to ATP200. So do I have to copy the settings one after another by hand or is there an other option to convert the whole configuration at once? Hope anybody can help…
-
Insert a list of URLs in the content filtering of an ATP200
Hi everyone, I need to insert about 200 URLs to block into the content filtering profile of a ZYXEL ATP200. How should I do it if possible? Thank you and best regards.
-
VPN typu site-to-site and remote access (server role) USG20-VPN
Hello I have 2 problems: I have a site-to-site configuration and remote access (server role) I have the same USG20 models in the headquarters of companies A and B. After changing the Internet provider and adding a new WAN IP address in the configuration. site-to-site establishes a connection, but the devices do not…
-
Urgent: Lack of VLAN over LAG functionality on USG FLEX 700H
Hello, We are deeply disappointed that the USG FLEX 700H, despite being a high-tier and newer product, does not support publishing VLANs over LAG—a feature that was readily available on older devices, such as the ATP500. This omission severely impacts our deployments, and our client has expressed significant…
-
Zywall 110 to ATP200 converter
Hi, I`m in need to convert a config from a Zywall110 to ATP200. I cannot do this with the online converter tool. Is there a way to do this easily ? Kind regards, Michel
-
IKEv2 and Windows 11 on standalone ATP500
Hi there, because the actual IPSec client from Zyxel does not support ARM proccessors, i had to configure VPN IPSec IKEv2 to use the buildin Windows 11 VPN client. That raises a bunch of questions: How can i use a trusted certificate instead of the "buildin". I cannot use the official bought FQDN based cert, because while…
-
USG Flex 200: Can i set a threshold limit on emails notificatons recieved from a Security Policy?
Scenario: We recently applied a security policy called "Blocked_IPs" on a client's USG Flex 200. The goal was to prevent certain LAN IP addresses from accessing both the local network and the internet if their activity appeared suspicious. Earlier today, we added a mobile device to the block list after detecting signs of…
-
loss of packets within a VPN ipsec tunnel
Hello I've a couple of ATP500 (5.40 firmware) perfectly connected to Internet. A site to site IPSEC VPN established between the two ATP500, that has worked fine for months. Today there is a significat loss of packet when a host from site A pings an host on site B, and viceversa. The Internet traffic is not affected at all.…
-
How to insert a list of URLs to block in the content filtering of an ATP200
Hello, we need to insert a list of 400 URLs to block in the content filtering of an ATP200. Is it possible to do it? How would it be done? Thank you and best regards.
