A comprehensive guide of replacing devices in Nebula
Zyxel Employee
This article is designed to walk you through the process of replacing a device within Nebula. It will provide a step-by-step guide for device replacement, outline which configurations require reconfiguration, and identify configurations that can remain unchanged after successfully swapping your device due to an RMA or exchange.
Firewall
Note: The following table applies when changing your firewall to the same model (e.g., USG FLEX 500 to USG FLEX 500) and not when transitioning to a new model (e.g., USG FLEX 500 to ATP200).
Section | Configuration | Needs re-config |
|---|---|---|
Site-wide > Devices > Firewall | Firewall Name | Yes |
Site-wide > Configure > Firewall > Port | Port Group | No |
Site-wide > Configure > Firewall > Interface | WAN interface, LAN/VLAN interface | No |
Site-wide > Configure > Firewall > Routing | Policy Route/Traffic Shaping, Static Route, WAN load balancing | No |
Site-wide > Configure > Firewall > NAT | Virtual Server, 1:1 NAT | No |
Site-wide > Configure > Firewall > Site-to-Site VPN | Site-to-Site VPN, Non-Nebula VPN peers | No |
Site-wide > Configure > Firewall > Remote VPN | Domain name, IPSec VPN Server, L2TP over IPSec | No |
Site-wide > Configure > Firewall > Security Policy | Security Policy, Anomaly Detection and Prevention, Session Control | No |
Site-wide > Configure > Firewall > Security Service | Content Filter, Application Patrol, DNS/URL Threat Filter, IP Reputation, Sandboxing, Intrusion Prevention System (IPS) | No |
Site-wide > Configure > Firewall > Captive Portal | Captive Portal | No |
Site-wide > Configure > Firewall > Authentication Method | Network Access | No |
Site-wide > Configure > Firewall > Firewall Settings | DNS, Dynamic DNS, Authentication Server, Wallet Garden | No |
Switch
Section | Configuration | Needs re-config |
|---|---|---|
Site-Wide > Monitor > Switch > "Switch Name" | Configuration (Switch Name), Status (IP Configuration, DNS Configuration | Yes |
Site-Wide > Devices > Switches > Switch Name > Port X | Port Name, Tags, Port enable, RSTP, STP Guard, LLDP, Link Port isolation, IPSG Protected, Bandwidth Control, Loop guard, Storm Control, Type, Management Control, PVID, Allowed VLANs, IPTV Settings | Yes |
Site-wide > Configure > Switches > ACL | Management Rules, Customization Rules | No |
Site-wide > Configure > Switches > IP & Routing | IP Interface, Static Route | No |
Site-wide > Configure > Switches > ONVIF Discovery | ONVIF Configuration | No |
Site-wide > Configure > Switches > Advanced IGMP | IGMP Configuration | No |
Site-wide > Configure > Switches > Authentication | Authentication Server, Authentication Policy | No |
Site-wide > Configure > Switches > PoE Schedules | PoE Schedule | No |
Site-wide > Configure > Switches > Switch Settings | Auto-configuration recovery, VLAN configuration (Management VLAN only), STP Configuration, Quality of Service, Voice VLAN etc. | No |
Access Point
Section | Configuration | Needs re-config |
|---|---|---|
Site-Wide > Monitor > Access Points > AP Name | Configuration (AP Name), Status (IP Configuration, DNS Configuration | Yes |
Site-wide > Configure > WiFi SSID Settings | WiFi Name, WiFi Settings, Guest Network | No |
Site-wide > Configure > Access Points > SSID Advanced Settings | Network Access, Traffic Options, Advanced Settings | No |
Site-wide > Configure > Access Points > Captive Portal Customization | Themes, Click-to-continue/Voucher/sign-on page, External Captive Portal URL, Captive Portal Behavior | No |
Site-wide > Configure > Access Points > SSID Availability | SSID Availability, SSID Schedule | No |
Site-wide > Configure > Access Points > Radio Settings | Country, Maximum Output Power, Channel width, DCS setting, Smart Steering, WLAN Rate Control | No |
Site-wide > Configure > Access Points > Radio Settings > Edit (AP List - 2,4/5/6GHz Radios) | Radio mode, Channel, Channel Width, Maximum Output power, Airtime Fairness, Smart Steering (all parameters per AP) | Yes |
Site-wide > Configure > Access Points > Traffic Shaping | WLAN Traffic Shaping | No |
Site-wide > Configure > Access Points > Security Service | Application Visibility & Optimization, Threat Protection | No |
Site-wide > Configure > Access Points > AP Port Settings | General Setting, Load Balancing, Port Setting | No |
Site-wide > Configure > Access Points > AP Port Settings > Edit (AP List) | Enabled, PVID, Allowed VLANs | Yes |
Save Configuration via Configuration Management
Configuration synchronization allows you to easily copy configurations from one site or Nebula Device to another. Use this screen to synchronize the configuration between sites or switch ports. You can also back up the current configurations for sites or switches to the NCC and restore the configuration at a later date.
You may clone a site configuration to a new site or clone a particular switch configuration to another switch in the same site via the Backup & Restore section of the "Configuration management" settings.
Replace/Swap a Device in Nebula
Note: Before proceeding with the device exchange, ensure you have the necessary owner privileges to perform actions within the NCC.
Navigate to Organization-wide > Administrators
Step 1: Remove the Old Device from the Organization
- Navigate to Organization-wide > License & inventory > Devices
- Locate the old device that you wish to swap and mark it
- Click on "Actions" and then choose "Remove from Organization"
- Confirm the action by clicking "Yes" when prompted
Step 3: Add the New Device to the Organization
- Navigate to Organization-wide > License & inventory > Devices
- Click on the "Add Device" button
- Enter the serial number and MAC address of the new device, or scan the QR code using the Nebula mobile application
- Follow the on-screen instructions to complete the device registration process
Step 4: Assign the New Device to the Organization
- Once the new device is successfully added, go to the "Devices" list under "License & Inventory"
- Locate the newly added device and ensure it is selected
- Click on "Actions" and choose "Assign to Organization"
- Select the same organization that the old device was assigned to
Step 5: Configure the Device Deployment Method
If you have a firewall in your network, you need to choose the appropriate deployment method for the new Zyxel device.
Nebula Native Mode (Recommended):
- Navigate to "Organization-wide" and select "Network-wide Settings"
- Click on "Deployment Method" and choose "Nebula Native Mode"
- Save the settings to apply Nebula Native Mode to the new device.
ZTP Mode (if Nebula Native Mode is not available):
- Connect a PC locally to Port 4 (P4) and your WAN connection to Port 2 (P2) of the new device.
- Log in to Nebula Cloud Center and go to "Site-wide" select "Monitor" and then "Devices"
- Locate the new device and click on "Firewall" settings.
- Select "ZTP Process" and follow the provided instructions to complete the ZTP configuration.
Step 6: Verify Device Online Status
- Allow some time for the new device to come online (maximum 5 minutes) and establish a connection to Nebula
- Cloud Center. Check the device's online status in the "Devices" section to ensure it is functioning correctly.
Congratulations! You have successfully exchanged a Zyxel device in Nebula Cloud Center, and the new device is now fully operational within your organization's network.
Kay
Categories
- All Categories
- 397 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 91 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 918 WirelessLAN
- 35 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 920 Nebula FAQ
- 422 Security FAQ
- 237 Switch FAQ
- 208 WirelessLAN FAQ
- 47 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight