How to setup internal VLANs on USG Flex 100H

DJWindows · December 2023

Hello Folks,

I'm pretty new to Zyxel USG Flex H-Series so I need Help in setting up VLANs.
I know the basics of VLANs and how they are handled but I'm comming from total different vendors (Sophos/Cisco).

Setup goal:

The LAN-Interface (ge3) has the subnet 192.168.10.x . Additional to that I need 2 VLANs on this interface:
- 192.168.110.x
- 192.168.120.x

In the end the subnets 192.168.10.x and 192.168.120.x have to communicate with one host in VLAN-Subnet 192.168.110.x but not between each other.

All tutorials I've found relying on USG 100 but not 100H and the interface seems to be totally different.

So please - if anybody could help me with that soon would be perfect.

Cheers
Sebasian

PeterUK · December 2023

Yes the new H models have a whole new layout vs old models

all ports are configurable meaning you can have any port be WAN (External) or LAN (Internal) with VLAN on top WAN or LAN.

I guess you have managed to log n to the Flex? Port setup for WAN you can use the LAN port you logged in to you can change that IP to 192.168.10.1 then re login

best go to object > Zone and make some zones like VLAN110 and VLAN120

then go to interface under Internal +add
interface type VLAN
name like VLAN110 and VLAN120

port you logged in as like P3 for the VLAN to be on
zone VLAN110 and VLAN120
VLAN ID 110 or 120
fixed IP
192.168.10.x and 192.168.120.x
DHCP to how you want

apply to the same again for the other VLAN

by default SNAT is enabled so you should not need to added router rule but can if needed

policy control by default LAN to any may need to be changed to how you like
you can have rules like
LAN to WAN
VLAN110 to WAN
VLAN120 to WAN

all zones isolated

Then add to say
LAN to VLAN110
VLAN110 to LAN

to allow traffic between zones

PeterUK · December 2023