Security - Zyxel Community

USG FLEX H Series
Security Ideas
Your ideas could be new features for Security!

Communicate two remote sites with identical IP addressing plan via an ipsec VPN tunnel
Good morning, Sorry to insist on my PB, I want to communicate between two remote sites through an IPSEC VPN tunnel having an identical IP addressing plan: 192.168.0.0/21 gateway 192.168.1.254 DNS 192.168.1.50/192.168.1.55Unless I'm mistaken, it's possible by applying a 1:1 NAT rule. If possible, could you give me…
Fix a LAN IP in USG FLEX50
How do I fix a certain IP address f.eg. printer, so that it wouldn't change?
USG FLEX 200 / Block IP for repeated page visits
Salve, cerco di spiegare il problema e relativa richiesta. Su un nostro server interno LAN abbiamo un sito web in IIS pubblicato sul web. Ci capita che ogni tanto, qualche hacker, cerchi di effettuare injection di codice sulle richieste di alcune pagine web. Chiedo se tramite il firewall USG FLEX 200 è possibile creare una…
firewall usg flex 100H
Dear Hello i whant to know if possible to install protonvpn into a usg flex 100H Many Thanks ilario Orlandi
Converted config cannot be uploaded to USG Flex 500
Hi folks, since I converted an existing USG110 config with the zyxel converter to the USG Flex 500 enviornment I am not able to upload the file to the new USG. The USG Flex is on default factory setting with only the admin password changed. P2 and P4 is connected as given from the Quick installation guide. My steps:…
USG FLEX 500 - lan1 to lan 2 and lan2 to lan1
Hello I have a firewall usg flex 500 with lan 1 (192.168.0.0 GW 192.168.0.230) and lan 2 (192.168.33.0 GW 192.168.33.230) for both lan the GW is the firewall itself I need to make the two lan's and consequently the clients talk by enabling ips control I can ping the firewall from both subnets on ex: 192.168.0.190 -->…
ATP-100 Surfshark VPN
Hi community, first…i'm a home user with basic network skills and try to configure a VPN to the provider Surfshark. Surfshark available connection methods: Openvpn, Wireguard, IKEv2 As i understand only IKEv2 is working on my Zyxel ATP-100, so i try to apply the settings. Surfshark don't provide a presharedkey, instead…
ATP100 + SecuExtender 4.0.5.0
Greetings, I configured the VPN following this guide: https://mysupport.zyxel.com/hc/en-us/articles/360005933219--ZyWALL-USG-How-to-configure-an-SSL-VPN-rule-for-full-tunnel-mode When I try to connect via SecuExtender, however, it immediately disconnects... The log tells me this. [ 2024/10/24 11:40:25 ][SecuExtender…
Attack ATP 800 - firmware 5.39 - ssl vpn
Hello everyone, we were the victims of a hacker attack last Sunday. From our perspective, the attackers gained access to our infrastructure by injecting code into the current firmware, creating an SSL VPN group including users and rules. Everything was detected and switched off early, but our IPSec VPN still crashes at…
Flex 200H - graph and details missing
Hello everyone, I put a 200H in production, so I started to look into details of its traffic analysis. I went to the specific page for an "unknown virtual protocol" to understand what was going on and to start inspecting it: As you can see the graph is zero, so you need to read the details in text somewhere else: I found…
Feature suggest: update GeoIP DB at boot for firewall
This is what happened to me… My ISP is a phone provider operating in more than one country. Mobile and not. Currently is offloading some public IPv4 addresses frome one country to mine, and now I'm connected with one of "another country", now provided to mine. I updated firmware in some appliances. Some of the rules are…
USG100 latest firmware?
According to the PDF file here...https://webservice.zyxel.com/eol/ArchivedEOLModel.pdf All dates "End of" about USG 100 are 2018/06/30. That's fine. But... Latest "support file" for firmware into download section from Zyxel is 3.30 P7, dated January 2015. And I found a 2016 WK41 file, named "3.30(AQQ.8)ITS-WK41-r74145 /…
2 IP wan with PPPOE on usg flex 700 (not H series)
Hello I'm preparing to install a USG FLEX 700 router I have 2 static fps on a PPPOE connection I would like to know if the wan bridging explained on this page works for a pppoe connection : https://mysupport.zyxel.com/hc/en-us/articles/360010378180--ZyWALL-USG-Setting-up-a-WAN-bridge regards
Zywall ATP100 + Secuextender 4.0.5.0
Greetings, I configured the VPN following this guide: https://mysupport.zyxel.com/hc/en-us/articles/360005933219--ZyWALL-USG-How-to-configure-an-SSL-VPN-rule-for-full-tunnel-mode When I try to connect via SecuExtender, however, it immediately disconnects... The log tells me this. [ 2024/10/24 11:40:25 ][SecuExtender…
Import LetsEncrypt authority certificate to USG110
Hello i create and import new Lets Encrypt certificate to older USG110 firewall, but when i try import authority certificate from https://letsencrypt.org/cs/certificates/ i have problem ... I Can import ISRG Root X1 certificate and Let’s Encrypt R11. But my certificate is R10. When i try import R11 type i get message :…
What's New: uOS1.30 Firmware Update for USG FLEX H Series
This discussion has been moved.
What's New ZLD5.39
Enjoy stronger traffic control with a new CLI command to drop TCP SYN packets with data, faster filtering, and a fix for Chrome’s TLS 1.3 content filter bug. Update today for seamless protection. Zyxel is committed to continuously updating your devices for important maintenance information. This latest release also…
admin account always logged in twice, three or more times
Hi there, I am managing about a dozen Zyxel firewalls and on all of them I got the same problem since the last firmware update, I suppose. After logging in as "admin", nearly always the "admin" shows login in twice, three times or even more. The problem is then, that I will always get kicked out of the last active messing…
Disable restrictions on VPN?
Router# show vpn-site-to-site-dynamic-restriction status Device Restriction Status: Enable VPN Daemon Status : Enable there is one tunnel site to site that seems to be blocked by some sort of ban or DDOS prevention, i would like to temporarily disable the above restriction in order to check if the tunnel start to work…
configure download and upload
I managed to configure when the user will be able to download when connecting to my company's network, but I'm not able to configure the upload for it. I put 10 megabytes in the download and it's working, but I didn't find where to put the upload limit. Could you help me?I have a USG Flex 200 Firew

Welcome!

It looks like you're new here. Sign in or register to get started.

Security Highlight

[2024 Sept Notification] SecuExtender SSL VPN macOS and Windows Clients: EOL and Upgrade Options
SecuExtender SSL VPN macOS and Windows Clients: EOL and Upgrade Options We want to inform you that the SecuExtender SSL VPN macOS and Windows clients have reached their end of life (EOL). Zyxel is no longer selling, maintaining or supporting these products. However, for those who recently purchased a license, we understand…
[2025 May Notification] Blocking AI Risks Before They Spread — App Patrol Now in Action
Recent reports from South Korea allege that DeepSeek has been transmitting user data to servers in China and the U.S., raising further concerns about its security. To help mitigate potential cybersecurity risks posed by generative AI applications like DeepSeek, Nebula’s App Patrol now supports the ability to restrict its…
[2025 May Spotlight] Smarter and Faster: Discover What’s New with SecuPilot!
If you’ve been using Zyxel SecuReporter, you probably already know SecuPilot — our AI-powered helper that enhances SecuReporter to make network security management smarter and easier for SMBs and managed service providers (MSPs). 👉 Just to quickly recap: SecuPilot lets you ask security questions in plain language,…

View All