-
Ability to rename / delete primary administrator account
I'd love to be able to create my own primary admin account username with something different to "admin" At present, a hacker only has to be able to guess a password, as the username "admin" cannot be removed or disabled. I'd prefer to make unauthorised access harder, by forcing would-be hackers to also having to guess my…
-
ATP100 - Allow "admin" to be renamed and/or deleted
When installing a Windows Server OS I always rename the Administrator account to an individual name. "Admin", "admin" and "Administrator" are well-known user names that hackers use first when trying to attack a system. My ATP100 does not allow me to rename or delete the standard "admin" account. I can just change the…
-
ATP 200: Multicast and broadcast routing across VLANs to enable media sharing protocols.
I have created several segments (VLANS) in my network to increase security of my home network. One VLAN is for computers and mobile phones, another VLAN is for data servers (e.g. NAS), another VLAN is for media players (e.g. TVs, SONOS audio players or printers) and another VLAN for IOT devices like Philips Hue.…
-
Provide REST API for certificate upload for GS1900 series switches (and more?)
Note: This is going to be a long and complicated description. If you would like to have a detailed discussion I am very interested. Please feel free to reach out privately. I am trying to add support for GS1900 series switches to the opensource acme.sh project (https://github.com/acmesh-official/acme.sh) so that I can…
-
Virtual Switch / Port Group
Hello, I am new to Zyxel Switches, but I cannot find an option to create virtual Switches (as in VMWare VSphere Port Groups) that keep groups of ports completely separated from each other (independent of VLAN). I think it would be much clearer to the user which groups/sets of ports can NOT communicate with each other, if…
-
Page to select VLAN assignment for a specific port / multiple ports at once
I am new to Zyxel Switches, but I noticed that there seems to be no option to assign / unassign membership to different VLANs efficiently for a specific port or a pre-selected set of ports. I have to edit each VLAN in VLAN Setup, scrolling to the port number (it's not even showing the names) and change its assignment. If i…
-
2FA authentication by EMail
2FA authentication by EMail on FLEX H models allow 2FA authentication from other IP then the connecting VPN IP is from allow 2FA authentication by WAN
-
Automatic Firewall config save to Nebula
Nowadays if I change something, I manually save roms of my clients(41 FLEX 200 models, 34 FLEX 100, 10 FLEX 50). I can choose to regurly send roms to an emailadress, but that will be a mess. Why no automatic save to Nebula of it's connected with Nebula? Even better would be that it automatically downloads the rom if…
-
In WRR Trunk Load Balancing, add "Bind all sessions from one IP" option on H series Zywall
WRR distributes sessions among available WAN interfaces/lines. However, this may have an adverse effect if multiple sessions from the SAME client are spread among WAN interfaces, effectively showing different IP addresses from the different interfaces. Some sites/apps/services require more than one session to be open, and…
-
DHCP and Secondary IP
It CAN be possible older models do it! when you do a routing rule incoming LAN next hop WAN 2 SNAT outgoing-interface which will be the the DHCP IP Or in my setup also incoming WAN to Secondary IP 192.168.254.1 Source Address 192.168.252.0/23 next hop WAN 2 SNAT outgoing-interface which will be the the DHCP IP with Static…
-
SecuExtender VPN CLIENT for ARM processor
I propose a version of the IPSEC client for ARM CPUs.
-
ZySH scripts in FlexH
In the original version of Flex there was a Maintenance-Shell Script function from the beginning, this was very important for transferring parts of configurations between different boxes. In the new Flex H uOS 1.31 series this is no longer there, and it is reportedly not planned for version 1.32 (04/2025). Is there any…
-
USG FLEX H series - support user type 'ext-group-user'
User @p4_greg hopes the USG FLEX H series supports the user type 'ext-group-user', like the ZLD firewall. This use case is normally used to limit the VPN users to a specific Active Directory group. If anyone likes this idea, please leave your comment and give it a vote. Original post
-
GitHub - Repository
Dear Team, I would like to propose the creation of an official GitHub repository for Zyxel, where scripts and solutions for specific use cases can be shared. Currently, there is a lack of repositories containing ready-made templates and scripts, similar to what competitors like Fortigate offer. The repository could…
-
Console port compatibility with SH-RJ45A from DSD Tech
Hi to all the Zyxel folks reading this message, serial connection has been part of Zyxel devices I see for a long time… Zywall 2 Plus and Zywall 5 had a serial connection availabe, some with RS232 port some with an RJ45 port. Today, RJ45 console port is still on latest USG Flex lineup, and I think it's not going away soon.…
-
Extend options with API
We have an MSP license for Zyxel Nebula. But with the API you cannot retrieve MSP level information. For example searching through the changelog with the API. This way i can find when a new organization is created for example Als maybe it would be nice if i can download the logs with the API Further it would be nice if i…
-
Explain / Summarize effects of Tx Tagging disablement on multiple VLANs simultaneously
I am new to Zyxel Switches and at least for me, the "Tx Tagging" option in the VLAN Setup screen seems a bit confusing. On the one hand, seems to only apply to (inbound) traffic that is untagged - on the other hand there is no restriction that disallows disabling it on multiple VLANs for the same port at the same time.…
-
FWA710 - MIMO Signal Metrics
Add the signal metrics (RSRP, RSRQ, SINR) for the connected MIMO layers (4G & 5G) in the 'Cellular Info' meu for each connected cell.
-
Enlarge the maximum number of NAT rule on USG LITE 60AX
User @antohsu hope USG LITE 60AX can enlarge the number of NAT rule, so he can configure the needed ports for his MailPlus Server. Anyone likes this idea, please feel free to leave your comment and give it a vote! Original post
-
FWA710 - Cell Lock (LTE) enable / disable check box for rules
Would it be possible to add an 'Enable / Disable' check box for the PCI lock rules created in the Cell Lock (LTE) menu?