Discussions - Zyxel Community

How do I set up the DHCP option function on the USG Flex H model?
Question : How do I set up the DHCP option function on the USG Flex H model? Answer : Please navigate to Network > Interface > Interface > Internal LAN interface, which includes the DHCP server. Extend the Additional DHCP options to add a DHCP option. Add a DHCP option setting. For instance, choose Option as User Defined,…
Why is the last access time of the DHCP table the same?
Question: Why is the last access time of the DHCP table the same? As shown below, the Last Access time was 2025-02-07 09:32:11. Answer: The firewall checks the Last Access time of the DHCP client every 300 seconds. Once this procedure is completed, it generates the Last Access time records in the DHCP table. This is why…
What is the meaning of the Check Period value for the WAN Connectivity Check on the USG Flex H?
Question: What is the meaning of the Check Period value for the WAN Connectivity Check on the USG Flex H? Answer: It represents the time, in seconds, between each connectivity check performed by the firewall. For instance, the USG Flex 500H will perform the WAN connectivity check every 30 seconds. This means there will be…
What is the meaning of the Check Period value for the WAN Connectivity Check?
Question: What is the meaning of the Check Period value for the WAN Connectivity Check? Answer: It represents the time, in seconds, between each connectivity check performed by the firewall. For instance, the USG Flex 100 will perform the WAN connectivity check every 30 seconds. This means there will be ping checks…
What is the meaning of the Check Timeout value for the WAN Connectivity Check on the USG Flex H?
Question: What is the meaning of the Check Timeout value for the WAN Connectivity Check? Answer : It represents the time, in seconds, that the firewall will wait to determine whether the connectivity check is successful. If the connectivity check fails, the user should investigate why the WAN connectivity is not…
What is the meaning of the Check Timeout value for the WAN Connectivity Check?
Question: What is the meaning of the Check Timeout value for the WAN Connectivity Check? Answer: It represents the time, in seconds, that the firewall will wait to determine whether the connectivity check is successful. If the connectivity check fails, the user should investigate why the WAN connectivity is not functioning…
When WAN1 comes back online, why does the traffic continue to stay on WAN2?
Question: I have setup WAN1 as Active mode and WAN2 as Passive mode in trunk setting. But why the traffic still keep on WAN2 interface even the WAN1 interface has faillback completely? Answer: If you would like to disconnect all of the exist sessions from WAN2 when WAN1 interface has fallback completely, then you can…
How to block internet access from a specific vlan?
Question: How to block internet access from a specific vlan? Answer: During creating a VLAN interface, it requires to assigning the interface to a specific zone. You can create a specific zone for selected VLAN. And then create policy control rules to allow Intranet network and block Internet network. From VLAN10 to LAN,…
How can I flush sessions within specific source address on the USG Flex H using the CLI?
Question: How can I flush the exist sessions within specific source IP address on the USG Flex H using the CLI for troubleshooting purposes? Answer: The user can use the CLI command cmd conn clear source "IP Address" to flush the current sessions, as shown below:
How can I check the current session status on on the USG Flex H using the CLI?
Question: How can I check the connection session on the USG Flex H using the CLI for troubleshooting purposes? Answer: The user can use the CLI command show conntracks to check the exist session table, as shown below:
Why is the DHCP option not working?
Question: The user has configured the DHCP option with option code 132, but the DHCP option is not working. Why is the DHCP option not functioning? Answer: The possible reason is that when the client initiates the DHCP Discover, it doesn't include DHCP option 132. Please ensure that the DHCP Discover message includes DHCP…
How can I check the ARP table on the USG Flex H using the CLI?
Question: How can I check the ARP table on the USG Flex H using the CLI for troubleshooting purposes (such as debugging DHCP, etc.)? Answer: The user can use the CLI command show arp-table to check the current ARP table, as shown below:"
How can I check the status of the PPPoE interface on the USG Flex H using the CLI?
Question : How can I check the status of the PPPoE interface on the USG Flex H using the CLI? Answer: The user can use the CLI command show state vrf main interface pppoe <PPPoE interface name> to check the status of the PPPoE interface. Please refer to the example below for the USG Flex 200HP model: usgflex200hp> show…
How can I check the PPPoE configuration on the USG Flex H using the CLI?
Question : How can I check the PPPoE configuration on the USG Flex H using the CLI? Answer : The user can use the CLI command show config vrf main interface pppoe <PPPoE interface name> to check the current PPPoE configuration. Please refer to the example below for the USG Flex 200HP model: usgflex200hp> show config vrf…
How do I configure PPPoE on the WAN interface settings for the USG Flex H model?
Question : How do I configure PPPoE on the WAN interface settings for the USG Flex H model? Answer : Navigate to Network > Interface > Interface > PPPoE, and add a profile Select the Authentication Type, and type the user name and password. Click the Apply button to save it. Once the PPPoE connection is established, the…
How do I check the connectivity check failure log on the Nebula firewall?
uestion : Once the user configures the connectivity check the settings, as shown below: How to check the connectivity check failure log on the Nebula firewall? Answer : The user can navigate to Side-wide > Monitor > Firewall > Event log and select the Category to 'System' to search the historical log. For instance, if the…
Why can't the SFP LAN interface assign a DHCP IP normally?
Question: The user may face an issue where the SFP interface is set as an internal LAN zone port, but it fails to assign a DHCP IP to the host client. What could be the possible reason, and how can this problem be resolved? Answer: The possible reason why the SFP interface fails to assign a DHCP IP to the host client is…
Why Did I Lose DHCP Hostnames After Firmware Upgrade?
Question: Why did I lose DHCP hostnames after upgrading my USG FLEX device to firmware version uOS 1.30? Answer: From firmware version uOS 1.30 onwards, DHCP hostnames must comply with RFC1123 rules, which require the following: * Hostnames cannot start with a hyphen (-). * They may only contain letters (A-Z, a-z), numbers…
How do I execute SNAT for a specific WAN interface on a Nebula firewall?
Question : How do I execute SNAT for a specific WAN interface on a Nebula firewall? Answer : For instance, if the user wants to specify that LAN1 clients should use SNAT via WAN1 or WAN2, please navigate to Site-wide > Configure > Firewall > Routing to add a policy route. Choose WAN1 or WAN2 as the Next-Hop, as shown below:
How to check the vlan interface status via the CLI on ATP and USG Flex models?
Question : The user may need to use CLI commands to check vlan interface information for troubleshooting or maintenance purposes. This article will guide you on how to execute it. Answer : The user can use the CLI command "show interface all" to list the current firewall's interfaces first, as shown below: If the user…

Welcome!

It looks like you're new here. Sign in or register to get started.