-
How to block "hacker" ip if exist NAT rule
Hello. 1 Device - USG FLEX 200 2 We have NAT rule - 1234 external port to local x.x.x.x ip, 4321 local port service "RDP" 3 "Hacker" is brute this port from y.y.y.y. Q: USG is block y.y.y.y after 3 attempts, and unblock later, block again and unblock later :) How create permanent rule for blocking y.y.y.y or y.y.y.y.y/24
-
Lien Wan Down de manière intermitente
USG20-VPN FW 5.38 Je rencontre de manière aléatoire la perte de connexion sur le lien WAN. Tout est OK en local, mais pas d'internet. Je redémarre la LiveBox 6 et la passerelle USG et internet revient. LiveBox 6 changée il y a un mois. Echange de la passerelle. Cela a tenu 1 mois depuis quelques jours le problème revient…
-
Windows updates - content filter (Firewall)
Hello there, I have a problem with windows updates because of firewall categories - it used to work with Bussines and Software/hardware option enabled, right now its not enough. I tried to enabled all categories for test purposes and updates worked after that. I would like to skip testing by enabling categories one by one,…
-
How do you weight multiple 1:1 NAT Rules on a Flex 500 for Redundancy Scenarios?
My customer is using a USG Flex 500. We have multiple WAN connections. When one WAN fails, we have the Flex 500 setup to failover to the secondary WAN 2 connection. The failover works, but routing on any device that has a 1:1 NAT rule set to apply a static public address to a specific device/server fails, even if there's a…
-
Why gateway is not resolving the local network?
Tab login users - only IP Address (2024y) Tab Wireless Hostname = Empty domain zone forwarder = local damain & servers Why?
-
Activating SFP Port
Hi I have the Zyxel USG Flex100W and would like to use the SFP port to link it to my Zyxel Switch. However since the recent firmware upgrade, this device is no longer able to be managed on Nebula and the WebUI does not seem to allow the addition of the SFP port to the LAN Interface/Group. Any suggestions on how to do this?
-
usg40 to usg flex 100: problem applying converted configuration file
hi all, I converted the configuration file from my USG40 to USG Flex 100 using the conversion tool at https://convert.cloud.zyxel.com/ The entry in "From" is USG40 (4.32 or later) and the entry in "To" is USGFLEX100 (4.60) The conversion runs without a problem and I upload the converted file to my new USG 100 Flex. When I…
-
Content filter on ATP800 not working
Hello, the content filter seems to not be working correctly. By blocking categories such as social networks or pornography, you can access it without problem. I have also activated the DNS content filter and I can also access it even if it is in blocked categories. Any idea what is happening?
-
USG40 Mac based VLAN
Hi, Is it possible to create a mac based vlan just with an USG40? I want to create MAC based VLAN in the Network to separate different users. For Example VLAN10 MAC based for UserGroup1, VLAN20 MAC based for UserGroup2 and VLAN100 not MAC based for every other user. If a device connects to the network with a configured MAC…
-
IKEv2 with AD integration 2FA
Hello, I've succesfully set up 2FA on existing IKEv2 or L2TP VPN Connections, but now I want to go further. I have some VPN's with AD integration, but it seems not possible to set up 2FA with it? Or am I'm looking wrong?
-
Block of 8 public IP addresses - can I pick and choose which IP maps to a port?
I have a low volume email and web server. a USG20 VPN device in a small home/office scenario. a block of 8 public IP addresses, 5 usable with mask 255.255.255.248. These have been in use for years. I plan to shutdown my current old server and have created a new email server and will separate the web server next onto it own…
-
Convertir une config vers un nouvel appareil
Bonjour Je dois changer un Name:USG60W Serial Number:S162L22141315 Firmware Version:V4.73(AAKZ.2) Par un USG FLEX 100 Serial Number : S232L28101075 Firmware 5.36 patch 2 Est il possible de convertir la configuration de l'USG60W vers le USG FLEX 100 ?
-
Content filter not working properly
Couple of months ago I set up an ATP200 with Content filter enabled at a client. Now he says that the users are able to surf to playboy.com. I did some tests: If I enter the website in URL to test it says that it is categorised under pornography, so ok. Filter is applied to LAN1_Outgoing If I turn on logging on…
-
Ike Port
Hello i have read that the ike port (UDP=500) can't be changed. But in service i see that is possible. I have a VPN between my 2 locations So my question is: if i change the port in my two VPN100 can be works the VPN? Thanks
-
USG FLEX 700 Backup / Restore configuration files
Hello everyone, I am looking for detailed information on how to perform maintenance and backups on the ZyXEL Nebula USG FLEX 700 firewall. If anyone knows of any guides, tutorials, or resources that explain these processes, could you please share the links or the steps to follow? Thanks in advance for your help!
-
USG Flex 700 - Password change recommendation window - cannot be disabled
We're just commissioning our new USG Flex 700 (v5.35 ABWD.0), taking-over all settings from our USG110. Lot of typing work since a converter from USG110 to USG Flex 700 is not available. But anyway, this is not the problem. On each login the USG Flex is showing a password change recommendation window which contains a…
-
Zyxel Flex SFP+ port questions
New to fiber, however the Flex 200 doesn't seem to want to come online using: DAC cables which work between my HP DL-380 G9 SFP+ Servers and Mikrotik switches. Also tried: PLRXPL-SC-S43-CS JDSU® Compatible Transceiver SFP+ 10GBase-SR with fiber cable, no luck. It appears there is a alot of personality in play in the fiber…
-
Upgrade Firmware USG 20W from Version 3.30(BDR.9) / 1.15 / 2016-11-22 10:05:22
I have a Zyxel USG 20W with firmware 3.30(BDR.9) and would like to upgrade it to the latest version, because I got a notice to upgrade the firewall latest 1.August 2024. The Update to the newest version with the file 538ABAR0C0.bin runs perfect, but after the reboot it shows me still the old firmware version. Any ideas?
-
Help with USG310, timeout access via GUI and CLI, IPSec stops working.
Good afternoon. We have a client (HOSPITAL) that has a USG310 firewall and is on the latest FW version available (4.73(AAPJ.2)). We are having a problem where the equipment loses the IPSEC VPN connection and after that it becomes inaccessible both via console and via http, requiring a physical reboot of the equipment.…
-
USG Flex 500 Content Filtering does not work
Hi, We have been trying to configure Web Content Filtering to block social networking sites for default BPP profile but it does not seem to block. Even porn sites are being allowed access even though these have been default blocked in categories. Any suggestions on how to activate the blocking? Thanks.
