-
Nebula GEO IP Blocking
In Nebula if you wished to use the GEO IP Blocking feature, it used to restrict you to only inputting 10 countries per rule. However I am now finding that it allows me to add more than 10 countries in a sigle GEO IP Filtering rule. Has the 10 country limit been removed entirely? Or has it been raised to a higher number of…
-
no link in P1 port, in Flex200H device
Our company has a Flex200 firewall, and the service provider device is FiberHome AN5506-02-FG GPON Modem Router (configured PPPoE connection). We receive a Flex200H device for testing, to which, if we replace our own device, there is no link on anymore the WAN (P1) port It is plugged into any other device there is physical…
-
IPSec sessions on the firewall not terminated after a while of being idle?
I have the following scenario: I manually connect with a device (smartphone or notebook) and via IPSec VPN client (the ones generated by the USG-20W-VPN), StrongSwan resp. Win1x Client from outside. Now, when I take the device(s) again in WiFi range, they reconnect to the WiFi ergo the IPSec tunnel is not used anymore.…
-
USG Flex - extending a broadcast domain for WoL magic pakets?
We have running a server in one subnet, which is able to send magic WoL pakets into the own subnet in order to wake-up computers. Such magic paket will not be routed into other subnets. But now we've extended our network with an additional subnet (VLAN) and would like to wake-up computers from that new subnet as well, but…
-
USG110 upgrade
-
Routing public class c over VPN Tunnel
Hello, Here is our setup. Location A has public class C (1.1.1.0/24). Location B has a single public IP. Loc B has internal IPs 192.168.5.1/24. Both locations have ATP800 and are connected to each other VPN tunnel. Loc A vti IP 10.10.20.10. Loc B vti IP 10.10.20.20. On Loc A ATP, we have policy route to route 1.1.1.5 -…
-
multiple site to site vpn accessing the same resources.
This is not the typical vpn access that i usually setup and it has me a bit stumped. I have a site to site vpn that was setup to access a set of devices on the network. I'll try and explain this best I can. ips are just examples and there are 4 devices that need to be accessed. VPN-1 Site A (devices vlan…
-
USG Flex - VPN Logins into different subnets possible?
Hi guys, Before I dig deeper into the manual … Is it generally possible to have different VPN configurations to different subnets/VLANs simultaneously active on an USG Flex? Presently we've got two configurations active, one SSLVPN profile and another IPSec profile. The corresponding profile is automatically chosen…
-
wildcard in whitelists (on-premise)
Hello folks, Are there wildcards that can be used in Web Content Filter —> Trusted Web Sites and in DNS Content Filter —> Allowed sites ? for example *.google.com works with any 3th level domain? I refer to ATP / USG Flex Series, don't know if there are differences in H series Searched a little bit in the community but did…
-
¿falso positivo?
¿es correcto el bloqueo de url2319.nexa.pro ? 2025-05-02 10:58:55warnURL Threat Filterurl2319.nexa.pro:Malicious Sites, SSI:N 192.168.xx.xx:63085 167.89.123.90:443 ACCESS BLOCK 2025-05-02 10:58:55warnURL Threat Filterurl2319.nexa.pro:Malicious Sites, SSI:N 192.168.xx.xx:63073 167.89.118.61:80 ACCESS BLOCK 2025-05-02…
-
Zywall 110 remove corrupted firmware from debug mode?
Zywall boots up but no webaccess. No ping on any port. Lots and lots of error suggesting all kind of files missing via console port though. Is it possible to erase the fimrware as the system seems to think it can start the firmware image. Some at command to wipe out the firmware?
-
Usg flex h with build in wifi
I was wondering if there will be an model of the flex h series with build in WiFi. There is an flex 100 ax, but i think in 2030 this will eol?
-
VPN100 IPSec VPN Issue
I have a Zyxel VPN100 and trying to get an IPSec VPN tunnel established with another device on another network It gets through phase 1 and phase2 and says the tunnel is built successfully. But then it always says IKE SA is disconnected and the tunnel collapses The VPN100 is behind another router that is not in bridge mode…
-
Moving Configuration between different models
I have now some ZyWALL 310 I wish to upgrade to a newer model. Can I move the configuration to the new firewall, probably a USGFLEX, or do I need to rewrite it from scratch ?
-
Zyxell ZyWall 110
Hello, I am the owner of ZyWall 110, which has been purchased second-hand. It is registered to my ZyXell account and has been updated. The device is located at the entrance of my network, where I have proxmox and QNAP servers. My primary question is how to configure LT2P and SSL VPN connections to my servers. I do not have…
-
H-serie firewall v1.32(ACLP.0), Gui Object-Schedule creation not possible. What is wrong?
I want to create a schedule plan to disable internet access on WAN port and to disable power on the poe port for energy savings during night hours. The stop time (05:30Hr) is later as the start time (00:30hr) on the same day. I failed to create a recurring schedule object in gui, by getting an error message. Entering the…
-
Locked out of admin account on USG FLEX 100W
Hi, I have been having a running battle with a USG FLEX 100W for over a year now. I keep getting locked out of the admin account after a period of time. This is despite repeatedly resetting and re-configuring the device on a couple of occasions. Typically, I would factory reset the device, reconfigure from scratch, set the…
-
Zyxel SCR50AXE change the MAC on WAN port.
Hello, how do I change the MAC address on the WAN port of the Zyxel SCR50AXE ?
-
Attempt to login to USG50, Chrome reports ERR_SSL_VERSION_OR_CIPHER_MISMATCH
I would like to confirm that the USG50 can also be configured (using CLI or web interface) to increase its minimum security level so that current Google Chrome is satisfied. Additionally, would this change impact any existing security definitions for VPNs?
-
BGP dual wan configuration
Hello I need help setting up BGP for 2 providers at Zyxel atp200
