USG FLEX H Series - Zyxel Community

Domain Zone Forwarders not working
Has anyone use Domain Zone Forwarders on the Flex H range to direct specific requests to different DNS servers? I have had to open a ticket as it doesnt appear to be working on my FLEX 700H when directing DNS requests for the nhs.uk domain to a DNS server accessible via an IPSEC VPN. My static routes are in and working as…
USG FLEX 500H crashes every 24-48 hours
I have purhased a ZyXEL USG FLEX 500H for a client of mine to replace a set of routers/firewalls for 2 ISPs with static IP address blocks each. Everything worked fine for about 2 months. We applied some changes to the firewall rules to cleanup the network setup causing the firewall to crash randomly every 24 to 48 hour…
200H, very slow IPSec VPN remote access
USG FLEX 200H, firmware V1.20(ABWV.0) In theory, IKEv2 IPSec VPN should be faster, but on 200H it's only a third of throughput of SSL VPN. That's with AES256 and SHA256 for both phases. If I increase SHA to 384 or even 512 and modp to 3072 it comes to a halt. Everything will time out. It seems like hardware-accelerated…
Log shows incorrect interface for site to site traffic wrong policy allows the traffic
USG FLEX 200H V1.10(ABWV.1) In my setup I have USG60W VLAN4093 192.168.252.0/23 with tunnel FLEX200H Ge3 192.168.254.10/29 as WAN to LAN2 192.168.254.9/29 on USG60W VLAN47 on FLEX200H 192.168.255.32/28 site to site in zone IPSec_VPN when I ping 192.168.255.40 from 192.168.253.1 log show 192.168.253.1 coming from Ge3 when…
DDNS in V1.20 for 2024-04-18 14:10:29 problems
I'm sure DDNS was working fine in V1.20 2024-04-15 So I have three WAN's VLAN443, WAN2 and WAN3 if all three are on line WAN2 tries to DDNS sends a SYN gets a SYN ACK then it RST it but if I remove WAN3 then DDNS for WAN2 works It will work on a reboot then if you disable/enable the DDNS for WAN2 shows fail until you uplug…
Remove an Static IP entry on a LAN interface gives error
If I try to remove an Static IP entry on a LAN interface I get: CLI Number: 17 Error Number: -4005 Error Message: 'DHCP pool does not exist.' Everything I try to do to resolve this, does not solve the problem. There are entries in de the tables that work! Can you help?
Quick fix for remote access VPN
At some point it be like current models where you can have many remote access VPN but for now just one. So this setting in FLEX200H is like this in FLEX200 Problem is that setting in FLEX200H is used for the config for where the client connects too which can be wrong and also how the Certificate is made So to fix this…
Unable to Establish VPN Connection
I was recently setting up a VPN, and it turns out that when I used the wizard tool, it didn't work when executing the .bat file; it basically didn't establish a connection. I believe the problem is that the USG Flex 100 is not directly connected to the internet but to a router. Can anyone advise me on which ports or…
VPN by Domain Name not working for remote access VPN
USG FLEX 200H V1.20(ABWV.0)ITS-m4447 Domain Name / IP for Domain Name like dnsip11.ddns.net that points to 192.168.255.235 not working when PC on the same LAN but if I use IP or interface it works for downloading the configuration get “policy match error” when using dnsip11.ddns.net when I tested this on V1.10 it I'm sure…
How can I get RMA Shipping Labels to return an USG Flex Series?
Per support case 427327, Zyxel has requested the RMA of a malfunctioning USG Flex Series. How do I send this to Zyxel?
How to separate networks on USG FLEX 500H to isolate the server from the local network
Hi everyone, I recently purchased a USG FLEX 500H and I'm trying to configure my network to separate the Nextcloud server from the local network where all the PCs are connected. I want to enhance security by isolating the server from the rest of the network. Currently, the Nextcloud server is installed via snap. I have a…
Resolve DC dns via Zyxel
Hello colleagues. I need to resolve my DC's DNS queries from my Zywall. I have to install a 700H in a school and the best way to work content filter is with Zywall DNS. The computer room needs to access the DC to validate users. Which is the best option?
Zywall USG 20 fan operating logic
Hi, I'm from Italy, excuse for my English…I have found 2 old Zywall USG20 (firmware update to last release) that everyone has the fan which start ad stop in loop every time. It's a normal operation? Thanks you for the attention and best regards. Cesare
USG Flex 500H IPSec VPN >> Remote Access VPN stuck "Apply changes"
Hi, Every time I open the options VPN>>IPSec VPN>>Remote Access VPN, a "Some changes were made" pop-up window immediately appears, even though I haven't made any modifications. Additionally, it's not possible to connect via the built-in Windows VPN. Restarting the device didn't help. If I change the certificate to "Auto,"…
Uptime and get-device-config on login
Certificate Import showing password in plain-text
uOS v1.20(ABZH.0) shows the password of the certificate in plain-text when importing a certificate. Worst of all if you click on import again the password is still there in still in plain-text. I tested it in Chromium based browers and in Firefox based browsers both show the same behaviour.
Update firmware
Hello i see that there are a new firmware 1.20(ABXF.2)C0 But when i login in myzyxel i don't see the model (USG FLEX 100H) and firmware Where can i download the new firmware? Thanks
How do I change standby firmware boot-option
USG Flex 200H - Firmware 1.20(ABWV.2) 1.) How do I change standby firmware boot-option from 0 to 1? boot-option - Show boot-option, which is used to reboot machine when backup firmware upgrade successfully. 0:reboot, 1:not reboot. There's nothing in CLI Reference Guide for 1.20 firmware on how to change boot-option. 2.)…
Flex 200 - Two factor authentication
Wanting to use this for l2tp users, to get an 2fa email for access to the network. Spent an hour, no luck. Wondering if it works?
uOS 1.20 BWM/QOS Interface choice needed
Hello, Is there a way to change incoming and outgoing interfaces to "any", because you have to choos a interface. I'd like to make a BWM Rule for VOIP for every traffic, also to VPN. regards Roman

Welcome!

It looks like you're new here. Sign in or register to get started.