-
💬 Your Firewall Story Could Earn You $35 Across Two Platforms!
This discussion has been moved.
-
Secure Start with Zyxel x Tailscale 🎁 Get 6 Months of Tailscale VPN Free, Before Oct.!
This discussion has been moved.
-
[Trade-Up Program] 🔄 Time to Trade Up: Say Goodbye to Legacy USG, Hello to Next-Level Securi…
Time to Trade Up: Upgrade Your Legacy USG and Unlock a Powerful New Experience.
-
Connect via SSL VPN as a user from the AD group (USG FLEX 700)
Can't connect via SSL VPN as a user from AD A local user is connecting via SSL VPN (userl). notice SSL VPN Failed login attempt to SSLVPN from http/https (incorrect password or inexistent username) [count=2] Testing user userp in: aaa group server ad dc01 - OK username sslVPN - OK My settings: ! model: USG FLEX 700 !…
-
Security Policy Control Log
Hello, I have an USG FLEX 200H firewall, and I didnt find a way to make log from Security Policy Control events and save the log. The log in Log&Reports⇒Log/Events⇒System⇒Security Policy Control is very short in time range: 2-3 minutes long event list. Is there a way to make it longer and be saved or reported in email?…
-
personal agreement page has already error
-
SECUextender
-
Bridge DNS forwarding problem
VPN300 V5.37(ABFC.2) USG FLEX 200 V5.41(ABUI.0) So I think sadly nothing can be likely done for the VPN300 thats EOL but I might be able to workaround that but the problem happens on FLEX 200 so I be thankful if this could be fixed. The issue I'm seeing is I have a bind server with WAN IP does lookup from root servers you…
-
SSL VPN failed on macOS and Linux OS
Device: Zyxel USG FLEX 500 Firmware Version: (please insert your firmware version here) Service: SSL VPN Issue: SSL VPN is not working on macOS and Linux clients. The connection works normally on Windows using Zyxel SecuExtender, but macOS and Linux clients fail to establish the SSL VPN tunnel. Error messages: macOS:…
-
Setup Guide - IKEv2 VPN from Ubuntu 24.04 to an USGFLEX 200H
Here's a step-by-step installation and configuration guide for setting up an IKEv2 VPN client on a clean Ubuntu 24.04 system, using EAP-MS-CHAPv2 authentication and a split-tunnel configuration, with working ping to the Zyxel Firewall's LAN and internet preserved. The Zyxel USG FLEX configuration is identical to the one…
-
USG Flex H series "no sooner than" roadmap for missing functions/features
Is their a roadmap for when the missing functions/features in release notes 1.10 might be finished ("no sooner than")? Of course there may be other items such as a config file converter, or a means to convert USG Flex licenses to series H. 50 functions/features or so no doubt means a small number of them will not perform…
-
Problem with fine-grained CIDR notation (USG Flex 40)
The security policies seems to have a problem understanding CIDR notations from /27 and up (or is it down?). The case in hand is a number of servers in the 192.168.17.96 - 192.168.17.103 range, i.e. 192.168.17.96/29. But that doesn't work. Neither does 192.168.17.96/28, nor 192.168.17.96/27. I have to go all the way to /26…
-
Monitoring Mode not working on USG FLEX 500
Got a USG FLEX 500 that the Nebula Monitoring mode page seems to be bugged, as in it doesn't seem to functioning properly or accepting the ID that you give it. This happened a few months ago and I assumed this was a regular run of the mill bug that would get patched, but it still persists. Any ideas? I have a recording of…
-
USG Flex 500 doesn't connect to mail server
I recently moved from a Flex 100 to a Flex 500, and carefully (I hope) copied across all the settings. That all went fine, with one exception. We run a mail server called VPOP3. Mostly that just serves clients on the local net, but it should also serve external mail clients. To do that I've created a NAT rule which allows…
-
how to create vpn ssl with client openvpn
-
Is it possible to use Google Authenticator for VPN access - AD users ?
Is it possible to use Google Authenticator for VPN access (IKEv2/L2TP) when users authenticate via Active Directory ? (USG Flex 700)
-
Issues with built-in Wi-Fi and Guest VLAN after upgrading FLEX50W to firmware 5.41(ABAR.0)
Hi Folks, After upgrading the firmware of a ZyXEL FLEX50W to version 5.41(ABAR.0), the built-in wireless has become unstable. Additionally, the guest wireless network, which is associated with VLAN 9 and has a configured DHCP pool, no longer assigns valid IP addresses to wireless clients. Is there any patch or known fix…
-
ZyWALL USG20W-VPN - WLAN broke after V5.41(ABAR.0) upgrade
Hello, I upgrade from 5.40 to 5.41 and now my usual WLAN ssid does not work anymore. It keeps connecting / disconnecting. This happen from iPhone and from Arlo webcam. I tried to upload the 5.40 config file but problem remains. Also, strange fact: after logging in into 5.41 I get the error "wrong cli cmd…" but then…
-
EOL bug in VPN300 port group
VPN300 V5.37(ABFC.2) So not expecting this to be fixed just thought I share the problem. So this is the default each port is not shared or linked to another At one point I moved P6 to Ge3 so that P3 and P6 are under that interface all worked fine. Then I want to move P6 back to Ge6 which worked but firewall was allowing…
-
[USG FLEX H Series] - NTP Server
Hello everyone, Is it possible to use the USG Flex H as an NTP server? This way, I wouldn't need to expose my devices to the internet to synchronize their clocks, but the current time/timezone information would come directly from the firewall, as the only true time source. Thank you,
-
Multiple IPsec connections of a single configuration
Hello, I use Zyxel FLEX 100 with firmware 5.41. I noticed multiple IPsec connections of a single configuration. It looks like this in the VPN stats monitor: Why there are multiple connections for the MASTER_VPN_VLAN200 configuration? Any advice is welcome, thank you. There are 2 configuration using this IKEv2 gateway:…
-
User name limitation that causes problem for MAC-Based Authentication
FLEX 200 So I've been configuring with 802.1x with a Cisco switch and FLEX 200 as Authentication RADIUS Server even when I could use Cisco built in option. So its really odd that my MAC was 08-00-27-EE-C7-AF but you can put that in FLEX200 because it must start with a letter so I change the MAC of the device to…
-
Radius server on ZyXEL FLEX H with SSL VPN
Recently upgraded to FLEX H series and in same time to WIndows Server 2025. We used to have AD Integration for VPN, so that users could be defined on AD. Classic implementation (TCP389) still works with new FLEX H series combined with SSL and OpenVPN Client. But as we have to move on to Windows Server 2025, classic LDAP on…
