Security - Zyxel Community

USG FLEX H Series
Security Ideas
Your ideas could be new features for Security!

Parental control is not working
Hello , I have Zyxel PMG5617-R20BI tried to enable parental control to block facebook but it didn't work.I tried following option. Can anyone help me how I can get it working ?
USG20-vpn firwmare upgrade
Hi, I have a USG20 VPN that needs to be updated.Current firmware is 4.30 The latest upgrade says "If the firewall running with previous version then ZLD5.00, we recommended upgrade to ZLD5.10 C0 or later version to Standby partition first before upgrading to ZLD5.31" And the notes for firmware 5.30 (oldest available at the…
Configuration issue with fw USGFLEX100
Hi at all, We tried to configurate a USG FLEX 100 for a customer but i encountered some problems. Our lab network enviroment is: - Router ip 192.168.3.1 and a static public IP; - FIrewall NSG with a WAN Interface 192.168.3.4 and a LAN Interface 192.168.1.254 (already configured in our Nebula) - Switch Layer 2 with the…
USG 200 : 2.20 to latest
Hello, I have a USG 200 zyxel, and I finally got around to updating this router. I saw on the forums that it is necessary to upgrade the versions little by little.Unfortunately, I can't find the versions between 2.20 and the latest (both in the portal with the registered router and in the download center). Could you help…
Interface General and GRE tunnel bug
VPN300 V5.31(ABFC.0)ITS-22WK31-r104914 Was testing making a GRE tunnel and found this bug when an interface is set to General with getting an IP by DHCP when you make a tunnel GRE on that interface to connect to a remote gateway the interface blocks sending GRE until you change interface to external then it works.
Accessing Resources Across a Site-to-Site Tunnel when Connected via SSL VPN
Hello, I have a question about accessing resources across a S2S tunnel when connected to an SSL VPN. Currently, we have multiple sites. They are all connected with an IPSEC VPN. When on site, a user can access any resource at any site on any port (that is allowed by policy). Users working remotely connect with an SSL VPN…
NAT Stops After Sometime
We are using Zyxel USG310 and NAT is configured on Dyndns. After 10 to 15 days the NAT or port forwarding stops automatically. To resolve we have to restart the firewall. The firmware of the firewall is latest 4.72(AAPJ.0). Please assist.
ZLD4.33 WK35 Critical Security Patch
I'm noting in the weekly updates https://support.zyxel.eu/hc/en-us/articles/360005438274-Weekly-Firmware-Support-Version-Lab-Version It mentions apply due to critical security patch. I usually deploy only when general release versions arrive. Should we be following these interim patch releases?
vlan
hello I have a usg20 vpn, I am trying to make lan1 (p5,p6) hermetic to lan2 (p3) I don't want my devices on lan2 to be able to communicate with lan1 how can we do ?
blocking wpad connections..?
@all,is there a way to block wpad connections or does it have to be allowed? As far as i understand, wpad is like a proxy, so a firewall cannot look into the traffic which is handled with it. Or does even the Zyxel FW handle wpad and acts therefore as a proxy. I am a bit lost here, searching the www does bring any light in…
SSL_ERROR_UNSUPPORTED_VERSION USG20
hello, I have a usg20 router, I don't know the version. I haven't been able to access the web interface for a while now. with any browser, I have this message: Error code: SSL_ERROR_UNSUPPORTED_VERSION .... This website may not support TLS 1.2, the minimum version supported by Firefox thanks !
Easily Manage Your Employees’ Devices with Astra
Easily Manage Your Employees’ Devices with Astra In most SMBs, tech staff are already under heavy workloads, leaving little time to hunt down threats that require immediate action. When it comes to endpoint device security, get started in minutes with Astra cloud-based service that makes management easy. We are excited to…
ATP series - Wildcard FQDN doesn't seem to work
I have a wildcard FQDN address in object for *.antispamcloud.com to be used as source in Security Service>IP Exception to an internal IP. That exception doesn't work with the latest signature update - all mxXXX subs to *.antispamcloud.com is being blocked at the moment - i have fixed it by unticking Exploits in IP…
ZyWALL 310 and firmware V4.39(AAAB.0) upgrade path
I have the above firewall and firmware. But when attempting to upgrade, I get a warning that there is a glitch where if FQDN objects are created, the upgrade will cripple the firewall (and I *HAVE* created FQDN objects). So what is my firmware upgrade path? Am I stuck at 4.39(AAAB.0) forever? Do I have to delete all my…
USG20W-VPN Firmware 5.31(ABAR.0) Wrong CLI Command Delete Old Configuration Backups (4.65 Works)
Attempting to delete old Firmware Router Backups Configuration Files (i.e. Configurations Based on 4.60 and earlier), the following error messages occurs: When I switched back to 4.65, I was able to delete 4.35 and earlier with no issues. I will have to switch back (Reboot on Standby Partition 4.65) again to delete these…
how to change password
my wifi has been hacked
VPN disconnects between USG-Flex 200 and Zywall USG-20
I show topology: -USG-Flex 200 has dual wan, static ips, and vpn policy is "site-to-site with dynamic peer".Now it has latest firmware 5.31, but when I updated from 5.30 issue was already there -Zywall USG-20 has single wan, static IP (natted but with all ports forwarded from upstream router), and vpn gateway policy is…
USG310 - L2TP VPN - GUI Error? - Unable to select VPN Connection
I have a fully working IPSec and L2TP VPN on the firewall. Tested and used for 2yrs+. Just upgraded to v4.72 (latest) firmware. Model is USG310. GUI Page = VPN > L2TP VPN Issue: The drop-down for "VPN Connection" now contains "Please select on..." and the only option is "none". Expected Behaviour: The configured IPSec VPN…
VPN Connection not visible in L2TP VPN- config
Hello, USG40, latest 4.72 AALA.0 firmware. L2TP VPN screen does not show the IPSec VPN connections. Even if those and VPN GW have been configured with Wizard. And they work. I'm able to make the VPN connection from my iPhone, data goes through VPN, no problems at all. Only the L2TP VPN screen is having this issue. Picture…
USG60 upgrade path to latest firmware
A new customer is already owner of USG60, but is quite outdated the firmware.In fact, the firmware installed is dated 2015, version 4.15, latest firmware available is 4.72 WK28.Customer is remote customer, currently I cannot travel to be onsite and make the due diligence: backup configuration, reset to default, update to…

Welcome!

It looks like you're new here. Sign in or register to get started.

Security Highlight

uOS1.37 Update: What's New for USG FLEX H Series
The latest USG FLEX H firewall series is powered by the new uOS, which is designed to minimize system response time and improve overall system efficiency, including the following features: Enhanced VPN Security with IKEv2 AES-GCM Support IPsec VPN now supports IKEv2 with AES-GCM encryption for both Site-to-Site and Remote…
[2026 January Tips & Tricks] Why It’s Time to Move Your VPN Encryption to AES-GCM
AES-GCM (Galois/Counter Mode) is currently the gold standard for encryption in modern VPNs (like IPsec and TLS). In this short blog we will walk through AES-GCM with you and most importantly help you adapt to the latest technology to stay safe. AES-GCM is an AEAD (Authenticated Encryption with Associated Data) algorithm.…
[2025 December Spotlight] SecuReporter AI: Proactive Device Health Anomaly Detection
🚀SecuReporter AI Keeps Evolving Over the years, SecuReporter has grown into an AI-powered analytics platform that processes massive volumes of log data to organize and highlight critical insights, helping IT teams visualize security events, understand threats, and accelerate troubleshooting across networks of any size.…

View All