-
Production Status USG20W-VPN (USG FLEX 50W): Discontinued?
Greetings, I was looking to purchase another USG20W-VPN (USG FLEX 50W) for a client and have been told by vendor it has been discontinued. Is this indeed the case?
-
ATP500 - Avast antivirus block, anti-botnet log
Hi there, https://us.v-cdn.net/6029482/uploads/13WM1HRQMYRQ/zywall-blockiert-avast.txt we have the problem that since the last firmware update in November our ATP500 blocks the Avast antivirus and the message “BLOCK anti-botnet” appears in the log. We have configured under: Security Service > Reputation Filter > Types of…
-
Router DMZ to Flex 500H
Hi, we are trying to configure the Flex 500H behind a Router with DMZ. The router has IP 192.168.2.1 configured and has a DMZ configured to 192.168.2.2.2 which is the Zywall. The problem is that we do not see anything in the log, opening port 21 for example to test. Is there anything else to configure?
-
Zyxel USG20W-VPN primary and backup link setup and IPSEC VPN
Hello guys, I have USG20W-VPN with latest firmware installed and just need little bit help with setuping my primary and backup link WAN connection. Firstly - I am using the DSL WAN connection that will work as primary link (WAN) and if this connection will fail automatically backup link will go active (Cellular, Brovi 4G…
-
out of production usg flex 200
Today i heard the usg flex 200 is out of production, and the EOL date is 2030. Is that correct. Wondering what's the follow up product of the flex 200. Off course you have the flex 200h, but that one is much more expensive, and maybe difficult to sell to our customers. 5 years and then EOL? that's a little quickly in my…
-
USG FLEX 500 VPN Server EAP-MSChapv2 vs EAP-TLS/PEAP on Radius
Hello, i've got some trouble setting up remote user connection with certificate instead of user/password, and i don't find much documentation about this on Zyxel networks. I've setup VPN gateway & tunnel for remote user connection with radius authentification EAP-MSChapv2 successfully, but when i'm trying to change Windows…
-
DHCP server setup on ATP500 shows "Error -4027 : DHCP network setting conflict"
I want to setup DHCP server function on one of the LAN interface on the ATP500 device (firmware version being "V5.39(ABFU.1) / 2024-11-16 03:14:26"). After entering the parameters of : DHCP (server), IP pool start address (192.168.1.130), pool size (10), First DNS server (ZyWALL), default router (ge4 IP) with rest…
-
No entries in device insight
Hi, I have configured one device insight profile. Inside this only the criteria for OS "Windows" is selected. I would have now expected, that my laptops and desktops are listed in the device insight table of monitoring, but this table is always empty. I'm sure I have misunderstood or done something wrong. Kind regards SB
-
DNS lookup issue
We've got a really weird issue with a FLEX100. So a client reported that they can't access their website from their office network. On any device. If they turn WiFi off on their phones, they can acces it fine. Sure enough, the FLEX100 is not returning ANY address for their primary domain. But every public DNS server…
-
redirecting http
Hi! I have a webserver behind a zyxel 200H (frimware: V1.30) and I cant reach its website with its domain name/url, and instead of the website all I get is the zyxel 200H login screen. I looked up the problem, and I should find a "HTTP Redirect" instruction on…
-
Source NAT through vpn tunnels
Let's say we have three sites: Site A (USG Flex 50) - Policy based vpn - Site B (USG Flex 200) - Policy based vpn - site C (other device, managed by others) Note: between A and B it's simple routing, hosts keep their IP. Between B and C it's different: all B lan address reach C site SNATted (in B-C vpn policy) to a single…
-
url check
-
Error while trying to import a certificate. P12 certificate "errno: -17011"
Hi. When trying to import a certificate to UGL Flex 700 I get the error errno: -17011 errmsg: PKI certificate type is not supported I am on version V5.39(ABWD.1)
-
P12 Certificate "errno:-17011"
I have been importing P12 certificates for years. It is scripted openssl to generate pkcs12 from PEM files. openssl has not updated on linux since 2020. Now the "import" under "certificates" gets error 'error -17011'. "errmsg: PKI certificate type is not supported" Tried a different browser, chrome and firefox both error.…
-
usg20-vpn and surfshark
is there anybody able to share a configuration to connect my old usg20-vpn with surfshark? Actually looks like they provide a certificate for an ikev2 that i cannot import because they provide no secret key with it, and also no shared key. I think i should use the username and password system through ms chap, but it seems…
-
Advice on policy control issue
Hi Zyxel world, I wonder if you can help please - We've 3x USG60, connecting IPSEC to an Azure VPN Gateway, all 3x VPNs connect and remain connected but only 2x pass traffic (pings) and one does not. The key settings look identical as far as I can tell, having compared them side-by-side, aside from the expected network…
-
SFP Slot at USG 700 Flex - which standard is supported?
Which SFP standard support the SFP ports on USG 700 FLEX? The problem is, that we most probably get only one single fiber and have to put dual wave length for TX and RX on it. But this would be 1000BASE-BX standard. Many devices on the market only support 1000BASE-SX /-LX /-ZX standards where different fibers are in use…
-
USG20-VPN (now USG Flex 50) problem with the upgrade
"I have a USG20-VPN device that has been updated to the USG Flex 50 version. On the standby partition, there is the old firmware V5.10(ABAQ.0), and on the running partition, there is firmware V5.30(ABAQ.0). Now, the latest firmware version has been released. When I try to upgrade to the latest firmware, nothing happens. It…
-
USG FLEX 500H - Client VPN with Entra ID login
Hi Is it possible to use Entra ID accounts to login to a client VPN (Remote Access VPN or SSL VPN)? Right now I'm using a Cisco ASA where I have created a SAML setup to Azure, and it works just fine with the login and also to ask for the users MFA. I have the same setup on some FortiGate firewalls, but I just can't find…
-
USG FLEX 500H - SNAT on a Site-2-Site VPN
Hi I want to replace a Cisco ASA 5506-x with a USG FLEX 500H. I have multiple Site-2-Site VPN connections and and got them all but one up and running. The last one uses SNAT, where my lan subnet (/24) has to be translated to another (/32). All information I could find so for on SNAT in a VPN tunnel is for the old model, or…
