Zyxel_Jeff  Zyxel Employee


Last Active
Zyxel Offical Agent
Which product type of newsletter you want to receive?
Business and consumer products


  • According to your requirement, you can configure those
three security policies sequentially, as below: 

(1). Allow vlan10 to Any 

(2). Deny vlan20 to vlan10 

Allow vlan20 to Any Thanks.
  • Hi @MilDro Answers are below:(1) It’s a default security policy so cannot be disabled. (2) Not very clear about your requirement. Do you mean only allowing the traffic from valan10 to vlan20? What application scenario do you want to deploy?Or, you can describe more about your requirement for us?(3) You can choose the…
  • Hi @nacho Once the UTM service is expired and the security service can't work, so please purchase the license to renew it. Thanks.
  • Hi @baba 

Below is your current topology: 


If you want to change to the below topology: 


Please configure switches that just forward
packets between NWA 110AX APs and USG Flex200 without VLAN tags then set the VLALN ID 1 on the Zyxel
NWA 110AX APs, as below:…
  • Hi @mlik Can you use the WiFi Analyzer tool to check the WiFi 2.4GHz radio if it is too noisy (such too many 2.4G WiFi signals interference) in your environment? If there are too many 2.4G WiFi signals would impact the WiFi throughput performance. You can enter the Windows CLI : netsh waln show int to check the WiFi health…
  • Hi @Hoygen83 Thanks for your update. Can you share your VPN-related settings screenshots with us? BTW, while the VPN disconnects are there any suspect logs relates to disconnection on the Monitor log? 
  • Hi @Niro96, Can you provide the device config file and the packets of wan and lan interfaces while the symptom occurs for us via private message for further checks? Thanks.
  • Hi @nacho Once the UTM license service is expired, the security service cannot work. For security considerations, we would suggest you renew the UTM license service on your device. You can purchase the license on the Zyxel Marketplace : https://marketplace.zyxel.com ,thanks :) .
  • Hi @Hoygen83 The debug hardware commands are used for our production process testing purposes mainly. If you enter the CLI: debug hardware fan-get you can get the CPU and the fan rotational speed result are reported from SNMP. The CPU temperature unit is presented in degrees Celsius and the fan rotating speed is measured…
  • Hi @Hoygen83 One more question, if the VPN is disconnected, does the traffic still can be passed via the VPN tunnel? Or not? Thanks.
  • Hi @wave01 

Welcome to the Zyxel community. Currently, the config
of USG210 only can be transferred to ATP200 or USG Flex500, please refer to the
config converter website: https://convert.cloud.zyxel.com/
  • Hi @Hoygen83 Can you share the screenshot of the 3600 seconds parameter configuration with us?BTW, while the VPN disconnects you can navigate the Web-GUI path: Monitor->Log -> View Log to see if there is any VPN disconnection related log. If so, you can share the log with us, too. Maybe we can analyze that for you, thanks.
  • Hi @Niro96 You can refer to this link to see how to config NAT port forwarding. BTW, can you share the error Monitor log message to us? Thanks.
  • Hi @Niro96 

While this
symptom occurring, can you check the Monitor log to see if there is any blocked
or drop message? It's may a clue. You can navigate the Web-GUI path:
Monitor->Log -> View Log Thanks.
  • Hi @Manuel13 If you have USG Flex or ATP models you can refer to this tutorial : Remote Access VPN Wizard for SecuExtender IPSec and Non-SecuExtender IPSec VPN Clients https://community.zyxel.com/en/discussion/12522/remote-access-vpn-wizard-for-secuextender-ipsec-and-non-secuextender-ipsec-vpn-clients#latest Android 12 and…
Default Avatar