Security - Zyxel Community

USG FLEX H Series
Security Ideas
Your ideas could be new features for Security!

How to block Port 0
I have a USG210. When running port scans on the WAN side, Port 0 shows as: "Closed. Your computer has responded that this port exists but is currently closed to connections." Is there a way to completely block this port, so the IP shows as completely stealth? Thank you. Clippies of scan from GRC Shields Up attached...
VPN Server role IKEv2 broken as far as I can tell
Following another post about this have made my own post https://support.zyxel.eu/hc/en-us/articles/4411498192914 Android 12 and ikev2 — Zyxel Community Tested on USG60W V4.71(AAKZ.0) and VPN300 V5.21(ABFC.0) Phone tested with Sony Xperia 5 II Android 12 I have tested every setting I can think of but get: Receiving IKEv2…
2FA Google Auth time sync issue
Hi all... this is a question (not a issue yet).. Google auth as 2fa for VPN works well, but: what if the mobile with Google app is in a different time zone than USG/ATP? Android App has a function "Time Correction" (not sure it's the correct name), but as far as i know IOS version doesn't. Has anyone tried this scenario…
Usg Flex 200 Secuextender SSL Vpn
I'm using SSL VPN on USG200Flex but is disconnected after 24hours, is there anyway to make it always on? If not is there a script to reconnect automatically?
Usg210 ike v2 vpn connection with samsung s22
Hi The new android phone support only ike v2 VPN. I try config vpn server role, but not work... I try with certificate and with only password...but i have a problem to connect. I install StrongSwan app...but i have same problem. Have you a tutorial for vpn ike v2 for android phone? Thanks Manuel
How do I force delete an IPSec VPN user?
I have an IPSec VPN user that shows active that I need to delete. I get error 3004 when I try to delete the user. Can I force a logoff and then delete? Thanks
Traffic log data are not displayed in VRPT 4.0
I have Zywall 310. After upgrading the firmware from 4.65 to 4.71, Traffic Log data stopped appearing in VRPT 4.0. Errors listed in the VRPT server log: 2022-06-03 02: 00: 41,106 ERROR (ZldSyslogParser.java:257) - Invalid LOG: 2022-06-03 02: 00: 41,106 ERROR (ZldSyslogParser.java:258) - <142> Jun 3 02:00:41 2022 zywall src…
unable to register my newly purchased device
When i try to register device in the myportal. It gives an error the device is already registered
LAG rate limit
VPN300 V5.30(ABFC.0) I have setup a LAG bridge between LAG0 and LAG1 because I can and on LAG1 I limit egress to 92160Kbps and this works fine just so you know, but this is the bit I don't get you normally LAG two or more ports to get more speed (if say your ISP gives you 1.5Gb) but you can't seem to set the LAG speed…
forward trafic between vpn tunnels
Hello I have this configuration vpn2s in a remote sites ( a lot) vpn100 in main office azure gw at Microsoft I cannot create vpn tunnel directly from remote sites to azure as I do not have so many concurrent IPsec tunnels in azure, so I need to use the main office vpn 100 as concentrator between remote sites and azure Also…
Failed to Start service: ZyWALL SecuExtender Helper
Hello. One of our users is having an issue with SecuExtender SSL VPN on their laptop. They are using the latest release (4.0.4.0) and running Windows 11. Having checked the logs, it appears that the "ZyWALL SecuExtender Helper" service is having issues starting (partial log below). After a quick search, I found the…
ZYXEL USG20 REDIRECT A SPECIFIC DOMAIN
Have multipels domains in my public ip, redirect to a specific email server, but need a specifi domain redirect to another email server. if possible? how? BEST REGARDS
USG Flex 200 Airplay across VLAN1 and VLAN2
I am using an USG Flex 200. Hotel configuration for airplay streaming to Airplay enabled TV's On Vlan1 (192.168.1.x) my access point WAX510D are connected. on VLan2 (192.168.2.x) Airplay enabled TV is connected. I can't manage to have Airplay working across Vlan1 and Vlan2. Could some some help me in solving this problem…
ZyWall 110 will not boot up
Hello. ZyWall 110 will not boot up, the PWR led is on and the SYS led keeps blinking no matter how long i wait. I can't access console at all, any help is greatly appreciated.
Recent changes to USG lost after Firmware-Update
Hello allSeveral times now, I noticed that recent changes to Firewalls were lost when afterwards a firmware-update is performed. Recently with a Zywall 110 and USG60. I made adjustments to several objects, servicegroups and securityrules. All was working fine, the new rules and objects worked as configured. After some…
USG FLEX 200: Application Patrol / Content Filtering Policy
I have a FLEX 200 running V5.30(ABUI.0) Creating the following Twitter app in Firewall🡒Configure🡒Security service And the following outbound lan policy in Firewall🡒Configure🡒Security policy My expectation would be that only traffic matching the Twitter app profile definition above would trigger it. But this is not the…
SSLVPN disconnects and oddness with zone “LAN”
VPN300 V5.30 This is a odd I have SSLVPN on port 443 Ge3 zone LAN1 192.168.255.247/255.255.255.192 Ge5 zone LAN 192.168.255.49/255.255.255.240 Two firewall rule from LAN to Zywall and from LAN1 to Zywall HTTPS In this setup I connect to SSLVPN to 192.168.255.247 get disconnected within xxmins if idle. And if I do a SSLVPN…
SBG3300n can't add a WAN interface
I'm trying to pre-configure a SBG3300n to send to someone to replace a faulty one. It's not letting me add a WAN interface whatever I try. I always get: "Configure WAN Setting failed, please try again." Also, the ISP requires VLAN on the WAN interface but that option is greyed out. What might I be doing wrong? Firmware…
How long until a fix is released for the VPN issues of firmware 5.30 ?
Hello, I'm sure many of you are as frustrated as I am with the constant calls coming in about IPSec VPN all of a sudden not working, SSL VPN disconnecting after 2 minutes of idle time without reason and other sorts of related VPN Issues, Currently I am experiencing all the above mentioned issues variously throughout…
USG Flex 200 Blocking with Application Patrol blocks everything
Hello all. I'm trying to block individual app traffic, but instead all traffic seems to trigger whatever Application Patrol rules I create. What I'm using via NCC: Zyxel USG FLEX 200 V5.30(ABUI.0) Firewall🡒Configure🡒Security service In the Application Patrol box tap the +Add button Added an example profile for…

Welcome!

It looks like you're new here. Sign in or register to get started.

Security Highlight

[2025 March Spotlight] USG LITE 60AX Shines Bright with Media Acclaim and Awards 🌟
The Zyxel USG LITE 60AX has quickly risen to prominence, earning enthusiastic praise from tech media and prestigious industry awards 🏆. Designed for small businesses and teleworkers, this WiFi 6 security router has struck a chord with reviewers and experts alike. We deeply thank the following media and organizations for…
[2025 July Tips & Tricks] ⚙Set up your USG FLEX H before it’s online
Starting from firmware uOS1.35, Zyxel’s USG FLEX H series supports remote pre-configuration directly from Nebula—even before the device is powered on. To use this feature, make sure your device is running the required firmware: Newly purchased units must complete the initial setup wizard to keep the firmware up to date.…
[2025 July Notification] SecuExtender Perpetual Version Vulnerability
Dear Valued Users, We would like to inform you that the SecuExtender VPN client with the perpetual version IPSec_3.8.204.61.32 will soon be removed from our official website due to a reported security vulnerability related to legacy Windows 7 environments. Under certain conditions, this vulnerability may allow unauthorized…

View All