Security - Zyxel Community

USG FLEX H Series
Security Ideas
Your ideas could be new features for Security!

IP Reputation false postive
Hi my ATP200 is starting to report 75.75.75.75 (Comcast DNS Servers) as "IP Reputation DB : Spam Sources/BotNets" can someone please look in to this as these are used by my users so my log is getting flooded with these events even after I have added the IP to the allow list. Thank you,
Trouble setting up L2TP over IPSEC on ATP100
Hi Zyxel team, We recently replaced an old CISCO firewall with a new ATP100. I tried for several days to setup remote access via L2TP over IPSEC, where I immediately succeeded in logging into the firewall from the outside using the built-in L2TP client in Windows but failed to access the network behind it. I then found the…
ATP100 Lan Ports
Trying to configure new ATP100, and have WAN port plugged into my internet, P4 plugged into my laptop, but not getting a light on the lan port. I tried all ports and several network cables. Anyone ever run into this issue?
ZYXEL USG FLEX 100W Log Display Options
I don't know when this changed but when looking at my logs, they used to contain IP addresses. When the log is emailed to me, the IP address are there. What setting or filter would stop me from seeing IP address information while looking at my log? Hope this makes sense
Questions about BWM feature in USG flex 200
Hi everyone. I want to guarantee some bandwidth to some traffic. I do not need to set any caps on any traffic. For example, I want to guarantee 10Mbps for any traffic related to Microsoft Teams. My question is: 1 do I need to configure a reverse BWM policy for Teams traffic, like this: 2 do I need to configure the egress…
Routing between USG Flex 500 ethernet ports
Hi, I'm deploying USG Flex 500 and I can't figure out how to allow routing between two LANs connected to two ethernet ports. The design is as follows: P2 - WAN port to Internet P3 - DMZ port to DMZ servers P4 - Company1 LAN 192.168.245.0/24 P5 - Company2 LAN 192.168.246.0/24 and so on. Each company is in different LAN. USG…
Slow L2TP\IpSec speed between computers.
Hello! I think i can get much more speed during l2tp connection from home to my office network. There are an screenshots which shows, speed at my home wireless network is ~65 Mbit\sec. In the office network speed is 200Mbit\sec. In Office Zywall 110 we have VPN Server connection via L2tp\Ipsec (Ikev2) and 3 Algorythms of…
IPsec VPN, how to "disconnect" from the cli?
I have a multiple ipsec vpn tunnels, 1 of them quits working, yet the tunnel remains "Green". If in the webpage I click on "Disconnect" it fixes the tunnel and the connection is resumed. VPN Connection / IPv4 Configuration / Select the trouble tunnel "row" with the "Activated bulb that is On" and "Green World", click…
Why do I get Fail login attempt to Device frrom SSH from 61.177.173.48?
Hi, Why do I get Why do I get Fail login attempt to Device from SSH from 61.177.173.48?While I have rules to block any inbound China traffic though geo fencing. to Zywall and one to (any excluding zywall).
Packet forwarding breaks connection to a website
I recently installed email gateway to relay emails to our exchange. The SMTP port forwards to the gateway now. Before, we had a third-party application that was connecting to our exchange to use our SMTP to send out invoices. So I thought to create a NAT to forward only the SMTP traffic from this particular IP address to…
VPN L2TP with AD accounts + Google Authenticator
Hi everybody, I'm currently trying to configure remote access for a client on an ATP700. I chose to use L2TP and I wonder if it's possible to enable Active Directory authentication AND 2FA with Google Authenticator at the same time ? If it's possible, how to configure 2FA for each client AD account ? I found this…
Some question about the ATP
Hi I want to switch mine into "Live" Mode soon. Before that I can switch from the old Router to the ATP I need to setup something. Most work perfect. I just looking for a way to block Bad TLD like: .to, .li,... and other. Can I do that in the Contend Filter? Thanks
USG40 WLAN port Offline
Good morning, I have a USG40 unit and for two days I have had a problem with it, sporadically the WLAN interface goes offline, the only solution I have found is to reset it. Reviewing the log I find these reports but I don't know what I should do, can someone help me with the solution? Thank you. I copy part of the log 113…
SecuExtender IpSec 6.6.87.108 Install failure in Windows 11
Installer fails with error code 1603. I have removed any trace of older installations including folders/files, network adapters created. Restarted windows multiple times. I am still able to install/uninstall the older SecuExtender version 3.8.204.61.32. But that doesn't work with my server due to Algorithm compatibility.…
USG 110 firmware 4.72 no SSO support?
Hi all,I am working on USG 110 with firmware 4.72, I am trying to configure web authentication with SSO , but I cannot find the SSO config tab (check the attached image)in the release note of the 4.72 it states "Remove SSO GUI page for Single Sign-On Agent will be end of software service by the end of September 2022."Does…
USG 100 Flex and German Magenta IPTV
Hello, my USG 100 Flex is running very well so far. Unfortunately I can't get my IPTV to work. After these instructions I set everything. https://support.zyxel.eu/hc/en-us/articles/360004093659-IPTV-with-multicast-and-IGMP-USG-ATP-VPN-. Unfortunately the picture stops after 5 seconds. So when switching from unicast to…
LED RED - RESTART USG - 1100
Good afternoon everyone, how are you?We have USG1100 on a client, the firewall hangs and restarts, the SYS light is lit red, can you help me solve this problem?
SAML support (for AAD authentication) anywhere on the roadmap
Hi ! I've seen some very old posts asking about this, but nothing since. Does Zyxel have SAML support on the roadmap, coming anytime soon ?
MAC OS Ventura 13.0 Support for Zywall Secu Extender
MAC OS Ventura 13.0 Support for Zywall Secu Extender Unsupported MACOS Version any idea when new version will be around?
USG Flex 700 WAN Trunk
I only have one WAN from my ISP and the default trunk contains both ge1 & ge2. I was going to create my own WAN trunk with only ge1 included, but you still need to configure a load balancing protocol. My concern is a loss of bandwidth I have been experiencing. I have ge2 shut down, but how can I create just one WAN port…

Welcome!

It looks like you're new here. Sign in or register to get started.

Security Highlight

[2025 December Spotlight] SecuReporter AI: Proactive Device Health Anomaly Detection
🚀SecuReporter AI Keeps Evolving Over the years, SecuReporter has grown into an AI-powered analytics platform that processes massive volumes of log data to organize and highlight critical insights, helping IT teams visualize security events, understand threats, and accelerate troubleshooting across networks of any size.…
[2025 December Notification] ZLD5.41 Firmware Upgrade
Zyxel is committed to keeping your devices up to date for optimal performance and security. This release includes key maintenance updates and enhancements, such as: Feature Enhancements and Consolidated Bug fixes Feature Enhancements - Improved user experience in Security Best Practices flow. 💡Resolved issues* Bug ID…
[2025 November Spotlight]🛡️Complete Your Defense with Zyxel x Avast
This discussion has been moved.

View All