-
200H with 1.32 - Only 2 CPUs working
Hello everyone, when I go into CPU details of my 200H I see that only first 2 CPUs are working: also under heavy load (like collecting diag infos). Is this correct? Core3 and 4 are not enabled to increase performances?
-
USG FLEX 700 CLI Reference Guide good for 700H
Is the "usg flex 700 cli reference guide" work with the 700H? I can't seem to find a "700H CLI Reference" on the website.
-
restore configuration
Hello, For example: let say i have an usg flex, and rearanged the ports. Like: ik gave p1 the name WAN, and further i configured P2, p3 p4 and p5 as LAN. Wan is dhcp, lan is 192.168.1.1 with dhcp server turned on. I make an backup from the config in nebula. When i do a factory reset of te flex50h. the orinal names and ip…
-
bug nat rules
ik think i found a small bug in nebula. I'm configuring nat rules when i create an rule, i see External port and Internal port filled in onpremise, but when i look in nebula, those 2 are empty. when i edit the settings of this rule, i don't see external port and internal port they are called external and internal service.…
-
VPNSSL OpenVPN
Hello everyone, they can create multiple openvpn ssl vpns in order to access different subnets based on the account (in the classic firmware versions it was possible)
-
Console web blocked
Hello, A customer who recently purchased an USG FLEX 700H encounters an error when accessing the administration page. Different web browsers have been evaluated. The problem remains the same. No error is visible, but it returns to the original page. I found no information. Thank you for your help. Greetings. Philippe…
-
Flex H BWM monitoring
Is there a way to monitor bandwidth usage for individual rules? Currently, without visibility into how much bandwidth each rule consumes, it's challenging to verify if the rules are behaving as expected.
-
Can this ARPing be stopped?
With FLEX H it tries to ARP on a WAN interface outside the given IP WAN it should not be needed to be done and my ISP does ignore them but best not to have them sent out also ARP broadcast when doing ping check ever 5 seconds plus more if you do another ping check rule in routing it would be best to only do a ARP broadcast…
-
USG Flex 100 H Remote Access VPN (IPSec) problem
Last time I set one of these up it was using pre-shared key, and it all worked fine. This has me stumped, though. I've configured the Remote Access IPSec VPN on the USG: I/f: ppp1 (it's a PPPoE pass-through log-in on ge1) Zone: IPSec_VPN Split tunnel: LAN 1 subnet range Client network: subnet that doesn't clash with LAN1…
-
NAT rule structure for PPPoE pass-through connection?
I've used Zyxel routers/firewalls for 20+ years and still when I go to a new model this seems to cause problems! USG Flex 100 H with dual WAN. WAN1 (P1) is a Zen full fibre connection, which uses PPPoEpass-through to connect, so has a child PPP1 i/f object WAN2 (P2) is a Virgin cable connection. The Business Hub doesn't…
-
Inactivate Internal Interfaces
Is there a way to inactivate/disable internal interfaces? Out of the box, the H series has ge3 and ge4 interfaces. I usually want the same untagged interface across all ports. However, I am unable to inactivate the ge4 interface and I have to assign it to at lease one port so that port is stuck on a different subnet. On…
-
Feature Request: VPN Policy IP Address Objects
When setting up IPSec VPN Phase 2 policies, it gives an option to select an address object. However, it limits objects to a "Host" or "Subnet" objects. Please add the ability to select "Range" and "Interface Subnet" objects as well.
-
USG Flex 500H Passive device HA mode MFA error
Hello, We have enabled MFA for the admin user. When the Passive device becomes active we cannot access the gui because the MFA is not working. When the Primary device returns active, we can access the gui normally. Tried with firmware 1.32 ga and 132ABZH0ITS-0423-250300903 Thank you
-
H Series AP Controller Support
Can you please add support for some older APs on the AP controller. I have a bunch of WAC6103D-I and NWA5123-AC HD APs at customer sites that do not appear to be supported by the AP controller on the H series routers. This is problematic as I try to upgrade customers off of the USG series to the Flex H series.
-
VLAN over LAG is not currently supported. WTF???????
Good morning. I'm writing this post very angry. I'm starting to get really tired of the Flex H series firewalls. There are always problems, and we've been on the market for over a year. The 700H are a disaster. Random reboots, patch after patch... And now the best part... LAG appears, but... surprise!!! IT DOESN'T SUPPORT…
-
Feature Request: BWM QoS
Can you add the ability to set 802.1p and DSCP tagging on BWM rules?
-
BWM Multiple Priorities
The H series BWM rules allows for setting a Priority (0-7)as well as download and upload limits. Documentation says that any given BWM rule can use any available extra unused bandwidth. However, it is not clear on BWM conflict resolution. How is extra bandwidth divided between rules of differing priorities as well as rules…
-
Flex 200H 1.32 FW - Missing scheduled email
Hello everyone, I have different H series in production but with 200H firewall I have issues again for scheduled email with daily report. After updating it everything was good until 23rd day, this is the last email it sent: Now it is the 25th day and I missed 2 emails. How can I fix it? PS: No issues with 100H firewalls.
-
How do you setup BWM to reserv some BW for SSLVPN road warriors users ?
The Flex H interface doesn't have anymore a way to use "SSLVPN zone" as an interface to define BWM rules. We can only use WAN or LAN interface. What is the best way to define a BWM rule to catch all SSLVPN traffic ?
-
Will H-series support 2FA via email for SSL VPN?
With previous ZLD-based firewalls, we were able to use 2FA via email method for SSL VPN. It was very simple for the end-users and fulfilled the 2FA requirement of most business cyber insurance policies. On H-series with the free OpenVPN client, the end-user needs to manually open a web browser and navigate to the…