-
ATP200: no connection to gateway after automatic Firmware update (V5.41 to V5.42)
ATP200 Automatic Update from V5.41(ABFW.0) to V5.42(ABFW.0). Status OK. But no connection to gateway is possible (fixed addresses ipv4 and ipv6). After reboot with V5.41 the connection runs correctly.
-
ipsec vpn
i have 2 usg flex I configured a VPN with Wizard and I get the error: Command failed: establishing CHILD_SA 'xxxx_sp1' failedThe routers are open with a static IP.
-
ATP800 and 2fa for vpn users.
I have an ATP800 deployed with several remote users connecting with secure_extender v4.0.5.0. I have attempted setup of the 2fa with google authenticator. I have made the user and vpn configuration changes and the police changes for port 8008. I can connect to the vpn but the browser does not pop for the 2fa. if i manually…
-
E-mail alert format
Hi, The alert emails from the firewall (USG500 Flex) are unreadable (see below). How can I format the message? I want this vertical format (or any readable solution): No: 1 Date/Time: 2025-02-12 13:43:47 Category: secure-policy Priority: alert Source: 1.xx.xx.xx:27181 Destination: 212.xx.xx.xx:7523 Note: ACCESS BLOCK…
-
V5.42 DNS is broken with FQDN objects
FLEX200 V5.42 If you have no FQDN objects you may likely not see a problem but if you do big problem as some DNS lookups will fail completely to pass through the USG no matter how many times you try. Here it my bind and then DNS by 8.8.8.8 and this is a Wireshark view WAN side
-
Please can you document the IP addresses we should whitelist for this feature
Specifically the authentication proxy port. SSLVPN authentication with Microsoft Entra ID — Zyxel Community Thank you
-
ZyWALL USG20W-VPN - Firmware V5.41(ABAR.0)
Hello, After upgrading to firmware V5.41(ABAR.0), VLAN-connected devices gradually lost connectivity. The main LAN remained functional. Restoring a backup configuration made before the firmware upgrade immediately restored all VLAN and DHCP functions. Firmware V5.41(ABAR.0) appears to break DHCP/VLAN bindings or…
-
ATP800, kernel panic fqdnObject_syncQ_chrdev_sync()
I try to forget all my expirience with ZW last 3 years, but ZW developers don't want leave me alone. 3 days ago ATP800 (5.38) start randomly reboot. After 2 reboot i update to last FW (5.42). It was strange, because it was published in day, that all starts. And now on 5.42 we have unexpected reboot every 3-6 hours 😍. Debug…
-
USG LITE 60AX SIP ALG settings
Hi all, We recently installed a USG Lite 60AX on a clients premises. Im not entirely sure the 60ax is the problem but they have started experiencing unusual VOIP issues. Just wondering if ther is SIP ALG (or something along those lines) on these devices and if so how do I turn it off please. Kind regards, Luke Archbold.
-
AES_GCM on ATP-Series
Dear Zyxel-Team, in the near Future a Phone-Provider we have an VPN Connection to, tolds me in December, that we urgently should update our Connection from AES_CBC to AES_GCM. We use a ATP700 with the latest Update installed (5.41). Is there a Chance, that Zyxel provides GCM in an further Update ? Thx Gordon
-
ATP100 – critical regression after upgrade to firmware 5.42(ABPS.0), reboots caused by kern
Dear Zyxel Support Team, I would like to report a critical stability issue affecting a Zyxel ATP100, which started immediately after upgrading to the newly released firmware version 5.42(ABPS.0). Device: Zyxel ATP100 Firmware: 5.42(ABPS.0) (officially released on 2026-02-04) Status before upgrade: stable operation on…
-
Why TF does every firmware update screw up?!
Seriously, defaulted another device!? Pull you heads out. These devices arent next door, arent "default" installs. Yet every other firmware update defaults or locks a device!
-
Bridge DNS forwarding problem
VPN300 V5.37(ABFC.2) USG FLEX 200 V5.41(ABUI.0) So I think sadly nothing can be likely done for the VPN300 thats EOL but I might be able to workaround that but the problem happens on FLEX 200 so I be thankful if this could be fixed. The issue I'm seeing is I have a bind server with WAN IP does lookup from root servers you…
-
Understanding IPv6
Can't say I'm looking forward to the day of IPv6 but here is something I don't get about IPv6 depending on how it deployed. So Ipv4 is somewhat simple due to having it been to only way we have a WAN IP and LAN subnets which the IP's of can't go out on the internet and so NAT. But with IPv6 we now can have LAN subnets with…
-
USG60
Hello, I have working USG60 with very old firmware - V4.11(AAKY.2) (2015-04-20) and I want to upgrade to the latest 4.73(AAKY.2). Is it safe to upgrade in one shot, or I need step by step upgrade 4.3, 4.4… 4.73? Where I will find the older versions? On myZyxel I have only 4.73(AAKY.2)… Thank you.
-
Issues with built-in Wi-Fi and Guest VLAN after upgrading FLEX50W to firmware 5.41(ABAR.0)
Hi Folks, After upgrading the firmware of a ZyXEL FLEX50W to version 5.41(ABAR.0), the built-in wireless has become unstable. Additionally, the guest wireless network, which is associated with VLAN 9 and has a configured DHCP pool, no longer assigns valid IP addresses to wireless clients. Is there any patch or known fix…
-
USG60 - LAN1 and VLAN10 (LAN1)
Hello everyone I need help. USG60 equipment. P1 - WAN1 P2 - WAN2 P3, P4 - LAN1 P5, P6 - LAN2 I need to use VLAN10 for SIP phones in LAN1 and use LAN1 for computers. The SIP server is in LAN1. I created on the menu NETWORK - Interfaces - VLAN - VLAN10(Base LAN1). On the switch to which the USG60 is connected, I configured a…
-
Soft Bounce Email
Hi, we have an app Braze which is softbouncing. I don´t know where the problem comes up and who is responsible for helping me here? Happy about every help
-
USG FLEX 500 - DNS white list doesn't work over the DNS general classification
Ciao I got a problem regarding wrong DNS classification. A site of a customer as been classified as "phishing". I put that dns on "DNS ALLOW LIST" section, but the block persist. if i try the make a simple "ping" this is the FW response: It seems that "DNS ALLOW LIST" is working properly. USG FLEX 500 5.41(ABUJ.0) 2025-09…
-
SCR50AXE: Is it possible to set SSID with WPA3 + PMF required?
In nebula control center, configure → SSID advanced settings I have set the WPA3 to security option, but still my devices which can only find WPA2 SSID has access to router. I also tried some kind of wifi scanner app on android and it showed information about my SCR50AXE´s SSID. It says WPA2/WPA3-Personal + Capabilities…
