-
What's New: uOS1.20 Patch2 Firmware Update for USG FLEX H Series
This discussion has been moved.
-
USG FLEX 500H VLAN CONFIGURACION
Hola, requiero configurar 10 VLANs y que tengan acceso a Internet y que se pueda reservar la MAC y crear un pool de DHCP.
-
Certificate site to site not working?
USG FLEX 200H V1.21(ABWV.0) So I have non H Flex200 with USG60W working with Certificate site to site but can't seem to get USG60W with Flex200H working: USG60W is set with Phase 1 Certificate zyxel-router4.ddns.net and have imported zyxel-router7.ddns.net to trusted Certificate Flex200H is set with Phase 1 Certificate…
-
VTI bootup causes VLAN to fail
USG FLEX200H V1.21(ABWV.0) P4 VLAN47192.168.255.39 255.255.255.240 VTI Route-based IP 192.168.254.9 Pre-Shared Key 12345678 Phase 1 AES128 SH256 DH2 Phase 2 AES128 SH1 DH2 VTI IP 192.168.255.42 255.255.255.240 Nailed-up On bootup clients onVLAN47 have no internet ping to 1.1.1.1 fails workaround go to network > interface >…
-
Assistance with Guest SSID and VLAN Configuration
I am using a Zyxel USG110 and have two Zyxel Access Points (APs) connected directly to the same LAN1 network (ports 4 and 5). The current configuration includes a Wi-Fi network with an SSID that uses the LAN1 IP subnet. I would like to create an additional guest SSID and assign VLAN10 to it. The intended network setup is…
-
SSL Inspection not running well
USG FLEX 200H V1.21(ABWV.0) Only some sites run well many others load slowly or not at all
-
are there IKEv2 problems with the USG Flex 100H router?
I have a system of 2 USG Flex 100H, 1 VPN100, 1 x USG40 and 1 USG Flex 200. To get IPSec VPN to all routers I had to reconfigure to IKEv1. I need SSL VPN to the Flex100H's and it works to 1, and not to the other. What coult get wrong, In the log I see that the public IP address is blocked through the default rule despite…
-
Security Policy list slow
The Security Policy list becomes slow and buggy when it contains many entries. Please optimize the list performance! I suspect the list's responsiveness to mouse hovers is causing the slowdown.
-
Site to site Route-based and Policy-based to same IP link issue
USG FLEX200HV1.21(ABWV.0) setup is USG60W LAN2 192.168.254.9 255.255.255.248 Gwtoflex200H_local2 Site-to-site with Dynamic Peer Pre-Shared Key 123456789 Phase 1 AES128 SH1 DH2 local policy192.168.252.0/23 remote policy192.168.255.64/28 Phase 2 AES128 SH1 DH2 VTI_test IP 192.168.254.10 Pre-Shared Key 12345678 Phase 1 AES128…
-
Speeded up SA Life Time site to site local test tunnel drops does not reconnect
USG FLEX 200H V1.10(ABWV.1) FLEX200H custom IKEv2 Interface ge3 WAN3 Peer Gateway Address 192.168.254.9 Pre-Shared Key Phase 1 Settings SA Life Time 300 AES128 SH1 DH2 Phase 2 Settings Initiation Nailed-up local 192.168.255.32/28 remote 192.168.252.0/23 SA Life Time 180 AES128 SH1 DH2 To speed up the problem I changed…
-
Ping over VTI Destination unreachable over time
USGFLEX200HV1.21(ABWV.0) Setup is USG60W LAN2 192.168.254.9 255.255.255.248 VLAN 55 192.168.55.1 255.255.255.0 VTI_test IP 192.168.254.10 Pre-Shared Key 12345678 Phase 1 AES128 SH256 DH2 SA Life Time 300 Phase 2 AES128 SH1 DH2 SA Life Time 180 VTI IP 192.168.255.43 255.255.255.240 FLEX200H Ge3 WAN3 192.168.254.10…
-
Domain Zone Forwarders not working
Has anyone use Domain Zone Forwarders on the Flex H range to direct specific requests to different DNS servers? I have had to open a ticket as it doesnt appear to be working on my FLEX 700H when directing DNS requests for the nhs.uk domain to a DNS server accessible via an IPSEC VPN. My static routes are in and working as…
-
USG FLEX 500H crashes every 24-48 hours
I have purhased a ZyXEL USG FLEX 500H for a client of mine to replace a set of routers/firewalls for 2 ISPs with static IP address blocks each. Everything worked fine for about 2 months. We applied some changes to the firewall rules to cleanup the network setup causing the firewall to crash randomly every 24 to 48 hour…
-
Static IP adrress reservation on USGFLEX 200H
Hi there, on the new 200H, i cannot find any option to make a static IP reservation same as on the former models/software. In firmeware 5.x you could select the network interface, give it an DHCP address range and confige static IUP adresses, which could be out of the DHCP range. Than activate the setting "Enable IP/MAC…
-
200H, very slow IPSec VPN remote access
USG FLEX 200H, firmware V1.20(ABWV.0) In theory, IKEv2 IPSec VPN should be faster, but on 200H it's only a third of throughput of SSL VPN. That's with AES256 and SHA256 for both phases. If I increase SHA to 384 or even 512 and modp to 3072 it comes to a halt. Everything will time out. It seems like hardware-accelerated…
-
Log shows incorrect interface for site to site traffic wrong policy allows the traffic
USG FLEX 200H V1.10(ABWV.1) In my setup I have USG60W VLAN4093 192.168.252.0/23 with tunnel FLEX200H Ge3 192.168.254.10/29 as WAN to LAN2 192.168.254.9/29 on USG60W VLAN47 on FLEX200H 192.168.255.32/28 site to site in zone IPSec_VPN when I ping 192.168.255.40 from 192.168.253.1 log show 192.168.253.1 coming from Ge3 when…
-
DDNS in V1.20 for 2024-04-18 14:10:29 problems
I'm sure DDNS was working fine in V1.20 2024-04-15 So I have three WAN's VLAN443, WAN2 and WAN3 if all three are on line WAN2 tries to DDNS sends a SYN gets a SYN ACK then it RST it but if I remove WAN3 then DDNS for WAN2 works It will work on a reboot then if you disable/enable the DDNS for WAN2 shows fail until you uplug…
-
Remove an Static IP entry on a LAN interface gives error
If I try to remove an Static IP entry on a LAN interface I get: CLI Number: 17 Error Number: -4005 Error Message: 'DHCP pool does not exist.' Everything I try to do to resolve this, does not solve the problem. There are entries in de the tables that work! Can you help?
-
USG FLEX 200H Error Code: [ID:20001]
Out of nowhere after login. Needed reboot.
-
Quick fix for remote access VPN
At some point it be like current models where you can have many remote access VPN but for now just one. So this setting in FLEX200H is like this in FLEX200 Problem is that setting in FLEX200H is used for the config for where the client connects too which can be wrong and also how the Certificate is made So to fix this…
-
USG FLEX200 HP Update problems
Hello I am trying to put a new USG FLEX 200 HP into operation. It is currently running with firmware V1.10(ABXE.0) Unfortunately I cannot connect to the update services. I get the error: Device Registration Status: Not Registered Request failed with status code 500 The device is registered in Nebula. I also see that there…