Discussions - Zyxel Community

Why Did I Lose DHCP Hostnames After Firmware Upgrade?
Question: Why did I lose DHCP hostnames after upgrading my USG FLEX device to firmware version uOS 1.30? Answer: From firmware version uOS 1.30 onwards, DHCP hostnames must comply with RFC1123 rules, which require the following: * Hostnames cannot start with a hyphen (-). * They may only contain letters (A-Z, a-z), numbers…
How do I execute SNAT for a specific WAN interface on a Nebula firewall?
Question : How do I execute SNAT for a specific WAN interface on a Nebula firewall? Answer : For instance, if the user wants to specify that LAN1 clients should use SNAT via WAN1 or WAN2, please navigate to Site-wide > Configure > Firewall > Routing to add a policy route. Choose WAN1 or WAN2 as the Next-Hop, as shown below:
How to check the vlan interface status via the CLI on ATP and USG Flex models?
Question : The user may need to use CLI commands to check vlan interface information for troubleshooting or maintenance purposes. This article will guide you on how to execute it. Answer : The user can use the CLI command "show interface all" to list the current firewall's interfaces first, as shown below: If the user…
How to check the nslookup result via CLI commands on USG Flex H models?
Scenario : The user may need to use CLI commands to check nslookup result for troubleshooting or maintenance purposes. This article will guide you on how to execute it. Answer : Please issue the CLI "cmd diagnostics nslookup domain-name-or-ip domain-name URL" to check the result. Refer to the below example : cmd…
How to check the firewall's DNS cache via the CLI?
Question: The user may wish to check the firewall's DNS cache via the CLI for troubleshooting purposes. This FAQ article will guide you on this. Answer : Please issue the CLI command "show ip dns server cache" to check it, as shown below:
How to configure the UDP session timeout value on USG Flex H series models?
Scenario : Users may wish to configure the UDP session timeout value on USG Flex H series models for specific purposes such as VoIP-related traffic. This article will guide you on how to configure it. Answer : Please navigate to System > Advanced > System Parameters > UDP Timeout to adjust your desired value. Once you…
Why I cannot access specific websites?
Scenario: There are certain websites that I cannot access, but other websites are available. Answer: It could be ICMP TTL expired. By default, ICSA is enabled which means the connection will terminate when ICMP is unreachable or ICMP TTL expires. So if there are too many hops, it may cause TTL to expire. How to solve:…
Ports cannot perfom Port Group with other ports
This is current limitiation: 1)Port 1 and Port 2 of the USG FLEX 500H and USG FLEX 700H cannot perfrom Port Group with other ports. 2)Port 13 and Port 14 of the USG FLEX 700H cannot perform Port Group with other ports. Find the detail in Release Note.
How can I check DNS resolution using the CLI on USG Flex H series models?
Question : The users may want to know how to use CLI to check DNS resolution on the USG Flex H series models. This article will guide you on how to execute it. Answer : Please use the CLI command 'cmd diagnostics nslookup domain-name-or-ip domain-name' and enter the domain you wish to check. For example, if we want to…
How to change Firewall MTU
1)Network → Interface Ethernet, and click interface you want to change 2)Show Advance settings, You can change MTU value in Interface Parameters.
[ATP/FLEX]How to find which country the IP located
Log in Fireawall by SSH and perform the following command Router# configure terminal Router(config)# show geo-ip geography address {IP} For example:
How to find IP address which FQDN object resolve to
Scenairo: You are unable to access certain websites but you have excluded possibility of them being blocked by UTM. If you are using FQDN objects, Please check if the blocked FQDN happens to resolve to the IP address of the website. Especially if it's a CDN service, this scenario is quite likely to occur. Workaround: Using…
What is the ARP table refresh time in USG Flex / ATP models?
Scenario : Users utilize the ARP table to monitor MAC and IP corresponding information. IP addresses may change or be released from time to time in users' network environment, and users may want to know the ARP table refresh time in USG Flex / ATP models. Answer : Users can use the CLI command "show arp-table" to monitor…
What's IGMP Proxy
Scenario: Your IGMP sender/receiver located on different subnets. To communate each other, you have to allow IGMP routing Concept: IGMP routing, or more accurately, multicast routing, is necessary to efficiently manage multicast traffic across multiple network segments or VLANs. Internet Group Management Protocol (IGMP)…
How to add existing DHCP IP to reserved IP from Web-GUI in USG Flex H series devices?
Scenario : Users can easily reserve an existing DHCP IP from the Web-GUI. Answer : Please navigate to Network Status > DHCP Table > Current DHCP List > to check the DHCP client that you wish to reserve and click "Reserved". The DHCP client's status will then change to "Reserved," indicating that the DHCP IP has been…
How to add reserved IP
Scenario: You would add static DHCP for certain client. Workaround: 1)Network Status → DHCP Table and click Add. System add a Reserved address within Host Name "host_{IP}" 2)Also used CLI to define your customize Host Name #vrf main dhcp server {subnet} host {your hostname} {MAC_Addr} {IP} For example: #vrf main dhcp…
How to add DHCP option 121 by CLI
Symptom: You would add user-defined DHCP option 121 Workaround: You can add by CLI. For example, Dst:1.1.1.0/24 Gateway: 192.168.1.2 . 1)Write as RFC format : 24.1.1.1.192.168.1.2 2)Translate to Hex 18:01:01:01:C0:A8:01:02 3) usgflex200h running#vrf main dhcp server subnet <your subnet> user-defined <uint8> hex-string…
Site-wide Topology V17.30 Enhancement
Enhanced User Experience The user experience has been a focal point of this update. One of the most notable enhancements is the introduction of a new filter option that allows users to distinguish between online and offline clients. This feature ensures that administrators can quickly identify the status of each client,…
How to setup UDP session timeout by CLI
We currently do not have a GUI to set these parameters, please refer to the CLI The GUI will be found in 1.20 200h>edit running 200h running config#system network-stack conntrack udp-timeout-stream <seconds> ; You can find some paremeter which you want after system network-stack conntrack ; udp-timeout-stream equal…
[ATP/FLEX]Add another WAN by Port Group
Scenario: You want to add another WAN for the firewall, but the predefined WAN have already been used. Workaround: Please add another WAN Group then adding the Optional Port into the new Group

Welcome!

It looks like you're new here. Sign in or register to get started.