-
Is it possible to use Google Authenticator for VPN access - AD users ?
Is it possible to use Google Authenticator for VPN access (IKEv2/L2TP) when users authenticate via Active Directory ? (USG Flex 700)
-
Issues with built-in Wi-Fi and Guest VLAN after upgrading FLEX50W to firmware 5.41(ABAR.0)
Hi Folks, After upgrading the firmware of a ZyXEL FLEX50W to version 5.41(ABAR.0), the built-in wireless has become unstable. Additionally, the guest wireless network, which is associated with VLAN 9 and has a configured DHCP pool, no longer assigns valid IP addresses to wireless clients. Is there any patch or known fix…
-
ZyWALL USG20W-VPN - WLAN broke after V5.41(ABAR.0) upgrade
Hello, I upgrade from 5.40 to 5.41 and now my usual WLAN ssid does not work anymore. It keeps connecting / disconnecting. This happen from iPhone and from Arlo webcam. I tried to upload the 5.40 config file but problem remains. Also, strange fact: after logging in into 5.41 I get the error "wrong cli cmd…" but then…
-
EOL bug in VPN300 port group
VPN300 V5.37(ABFC.2) So not expecting this to be fixed just thought I share the problem. So this is the default each port is not shared or linked to another At one point I moved P6 to Ge3 so that P3 and P6 are under that interface all worked fine. Then I want to move P6 back to Ge6 which worked but firewall was allowing…
-
[USG FLEX H Series] - NTP Server
Hello everyone, Is it possible to use the USG Flex H as an NTP server? This way, I wouldn't need to expose my devices to the internet to synchronize their clocks, but the current time/timezone information would come directly from the firewall, as the only true time source. Thank you,
-
Multiple IPsec connections of a single configuration
Hello, I use Zyxel FLEX 100 with firmware 5.41. I noticed multiple IPsec connections of a single configuration. It looks like this in the VPN stats monitor: Why there are multiple connections for the MASTER_VPN_VLAN200 configuration? Any advice is welcome, thank you. There are 2 configuration using this IKEv2 gateway:…
-
User name limitation that causes problem for MAC-Based Authentication
FLEX 200 So I've been configuring with 802.1x with a Cisco switch and FLEX 200 as Authentication RADIUS Server even when I could use Cisco built in option. So its really odd that my MAC was 08-00-27-EE-C7-AF but you can put that in FLEX200 because it must start with a letter so I change the MAC of the device to…
-
Radius server on ZyXEL FLEX H with SSL VPN
Recently upgraded to FLEX H series and in same time to WIndows Server 2025. We used to have AD Integration for VPN, so that users could be defined on AD. Classic implementation (TCP389) still works with new FLEX H series combined with SSL and OpenVPN Client. But as we have to move on to Windows Server 2025, classic LDAP on…
-
Vlan1 On Primary LAN Interface
Hello, I have a HUGE security concern about this topic and I am running a Flex USG500H and I spoke to tech support and discovered that I am not able to change the primary LAN interface (192.168.1.1) to any other vlan other then the default vlan1 and that is designed that way. In my opinion that is a security "No No". This…
-
Protect the link between the firewall and the switch
Hi I’m using MAC authentication on a GS1920-24 switch to prevent unauthorized devices from connecting to it. However, I can’t use MAC authentication on the uplink to the firewall. How can I ensure that only the firewall can connect to the switch, and only the switch can connect to the firewall? The firewall is a USG FLEX…
-
Zyxel SCR 50AXE Stop Working 2.4Ghz wifi after upgrade to V1.20(ACGN.0)
Hi, I upgraded my Zyxel SCR 50AXE to the latest version (V1.20(ACGN.0)), and after that, my 2.4GHz Wi-Fi network stopped working. Sometimes it appears, sometimes it doesn’t, and when I try to connect, it gives an error. It also shows a Wi-Fi network named “SSID,” but I think that was already there before the upgrade. Has…
-
ETA for next ZLD 5.X firmware
If any… for the known and sharable information at this date.
-
VPN SSL: unable to access to a server folder
Hi I need to connect a remote pc to an internal server folder. My LAN is a domain network type and I'm running a USG 1100. I've configured the SSL VPN in the firewall and the remote pc is connected succesfully to the firewall. SecuExtender shows: Client IP: 192.168.200.11 Server IP: 217.xxx.xxx.xxx DNS: 192.168.0.2,…
-
ZyWALL USG20W-VPN - Firmware V5.41(ABAR.0)
Hello, After upgrading to firmware V5.41(ABAR.0), VLAN-connected devices gradually lost connectivity. The main LAN remained functional. Restoring a backup configuration made before the firmware upgrade immediately restored all VLAN and DHCP functions. Firmware V5.41(ABAR.0) appears to break DHCP/VLAN bindings or…
-
ZyXel USG20-W - internet failing and VPN issue.
Hello, I am running quite old ZyXel USG20-W with latest firmware (upgraded today) and I started experiencing some issues couple days ago. We had internet connection outages while downloading big updates and so on. So we changed internet provider and swaped from 40Mb internet to 100Mb internet connection. We are now able to…
-
ATP800 V5.41(ABIQ.0) firmware image corrupted
Hi, My ATP800 has been trying to update to firmware v5.41 since the release via auto update but encountering a checksum error on the download. I attempted to use the firmware file from the myZyzel portal, but could not boot with the 5.41 image. The firmware management page shows the new version number, but boot falls back…
-
Politica para Bloqueo de Aplicaciones moviles en router mercusys coenctado a un usg flex 200
Muy buenas noches a todos, tengo conectado un router mercusys via lan a un sw no administrado, y estos a un firewall USG FLEX 200H, donde y como puedo hacer (Politica) para que los telefonos moviles que se coencten via wifi, no me permita abrir las apps de facebook, tiktok, youtube, twich, x, solo me permita whatsapp.…
-
Admin password reset
Is there a procedure to reset the admin password for my USG-20 Firmware 4.73? I already tried tit atgk -u but it seems doesn't work. Any help is appreciated.
-
USG 20w/50 Flex
Hi, please help to understand strange situation. Due to USG prepare for production, I did some settings in test environment via browser, set interfaces, dhcp bind, server & e.t.c, so no action might disrupt communication via cable. Suddenly I lost connection, no ping, no http. Was restart but no effect. Connect via console…
-
General rule possible to allow IPSec VPN traffic only, from everywhere? I am also using GeoIP
Hello, I have the newest firmware installed on a USG20W-VPN and regularly update the GeoIP database on the firewall. I use only IPSec VPNs, with SecuExtender client from MacOS and Win11, native IPSec VPN from iPhone, and Strongswan IPSec VPN from Android. All works- so far so good. It is no rocket science for IPSec VPN: it…
