USG FLEX H Series - Zyxel Community

💡Duo Security Authentication Integration Guide
This discussion has been moved.
[2026 January Spotlight] Integrate Secure Cloud Authentication with the USG FLEX H series
As organizations adopt cloud services and support remote and hybrid work models, identity has become a critical foundation of modern security. Traditional authentication methods based on locally managed accounts are increasingly difficult to scale and protect against today’s threats, including credential theft and…
v1.38 Dashboard Issues
So I load my dashboard and get this error (I have cleared Edge's cache too) This is being caused by the client usage widget Error Failed to load interface list Error Code: (500) /api/show/gui/widget/client/usage
Alerts for Connectivity Check 500H Series WAN Interfaces
Hi, how can we check the status of WAN interfaces using Connectivity Check on the H series? On FLEX and ATP routing, we can see if the WAN interface is active on the outbound trunk, but I can't see this on the H series. Is there an alert we can activate to check the status of the WAN interfaces and whether they are active?
V 1.38 SSL VPN DNS bug
Good day, After upgrading my flex700h to the latest (1.38) firmware, SSL VPN stopped to do any DNS resolution. In VPN - SSL VPN, option DNS Server I have ZyWall. Used to work fine. When I check logs now of VPN client connected, I see this "ZyWall" is passed as is, while it has to be an IP instead. I have currently fixed it…
[USG Flex H] - Remove domains from DNS
Hello everyone, I need helps to understand how to remove domains from the DNS Zone Forwarder. I'm in this situation: I've created a wrong domain into a Zone Forwarder, and not is not possible to remove anymore First of all, why the domain is a dropdown list? For me is better to have a textbox; in the second instance, how…
Multiple Source IPs in NAT rules
Hi, I currently have a Web API that requires HTTPS traffic forwarding to our internal Web server through the USG Flex H series. We've got a group of IPs that all require this same NAT rule applying to them, but I couldn't figure out a way to do this and as a result I have had to configure 6 individual NAT rules that…
V1.38 - IPsec VPN split tunneling not set correctly
After updating to v1.38, the IPsec VPN auto‑configuration script does not correctly set split tunneling. Based on a quick review of the script, the "true" variable does not appear to be set correctly in this section:
Zyxel Newbie - Basic Network configuration
Hello, I want to make easy and secure management of my home network. I'm newbie on firewall management and configuration, so forgive me if I can't understand some terms. My network devices are: Fritzbox 7690 (DHCP disabled) Zyxel USG FLEX 50H (DHCP enabled on LAN Zone) Zyxel XMG1915-18EP (Default configuration with VLAN 1)…
[USG Flex H] - Export the CA trusted certificate
Hello everyone, I try to use the internal certificate functionality; I've tried to create a cert and download it, all works. But, when I try to export the CA certificate from the "Trusted Certificates" tab, the downloaded file seems to be corrupted. Anyone that uses this functionality? Can you help me to export the CA…
[USG Flex H] - How to resolve external FQDN to internal Hostname/IP
Hello everyone, I try to achieve myself this question using the DNS settings, but without any success. My goal is to internally resolve an external FQDN site with an internal hostname/IP. For example I would like to resolve the FQDN "www.google.com" AS 192.168.0.1. In Windows, this can be achieve modifying the hosts file,…
FLEX 700H services
Good day, Have a question if there are any plans to add functionality: SSL VPN certificate based authentication. Login/Pass as the only method looks really insecure. In NXC2500 (wifi controller) it was a nice feature to generate guest logins on the fly. Is it something similar feasible/planned in 700h? Thank you
USG FLEX 200H: Remote Access VPN (IKEv2) Split Tunnel limited to a single CIDR field
Hi everyone, We are currently configuring a Remote Access VPN (IKEv2) on a USG FLEX 200H. While setting up Split Tunneling, we’ve noticed a major limitation compared to the Site-to-Site (S2S) configuration. In Site-to-Site VPN, the H-series easily allows the selection of multiple subnets. However, in the Remote Access VPN…
USG FLEX 200H - IPSEC Site To Site VPN - FIRMWARE BUG V1.35(ABWV.2)
Multiple VPN connections can't be established when there are two distinct networks on the same Flex 200. For example, you have a port with IP subnet address 192.168.1.0/24 and another port with subnet 192.168.10.0/24. If you attempt to create two distinct IPSEC Site to Site VPN connections it will fail. In this example,…
[USG Flex H] - Wireguard/Tailscale
Hello everyone, Today I've tried to configure the Tailscale VPN, but I've some questions about: Why is not possible to use Wireguard? I think that Wireguard is more affidable than Tailscale. Tailscale is a service on-top of Wireguard, end of support/develop, end of Tailscale service; instead Wireguard is a low level app,…
SSL VPN from internet
Hi, I have a USGFLEX100HP. I configured SSL VPN according to the manual, exported the configuration file, imported it to OpenVPN, and I can connect via VPN, but only from the local network. When I try to log in from the internet, it won't let me in. It logs in, logs in, and then stops. What do I need to do? Any NAT or…
USG FLEX 700H - Problems
Hello: I currently have a USG FLEX 700H with firmware version 1.37(ABZI.1). I've been experiencing unexpected devicerestarts. Upon checking the systemmonitoring, I observed that both CPU and RAM usage remain at high levels. Torule out a configuration issue, I performed a factory reset, restoring thedevice to its default…
Can I determine which firmware version is pre-installed without booting up the USGFLEX200H?
Can I determine which firmware version is pre-installed based on the labels on the USGFLEX200H device and the box? Best regards :) Wojtek
USG 100H cant access youtube via roku
I just switched from a USG FLEX 700 down to a USG 100 H. With the new devices, none of our Roku devices can access youtube. I have disabled all security services without any luck. There is nothing in the logs the shows any type of an error from these devices. As a last resort, I specifically added a rule to permit QUIC…
[USG Flex H] - Timeout during Tailscale connection
Hello everyone, At night, I have the habit of turning off everything I'm not using; one of these is my networking, including my firewall. Every morning, I use automations to turn everything back on, and I'm finding that the firewall is no longer connected to the Tailscale network. Today checking the logs, I find this:…

Welcome!

It looks like you're new here. Sign in or register to get started.