-
💡Duo Security Authentication Integration Guide
This discussion has been moved.
-
💬 Your Firewall Story Could Earn You $35 Across Two Platforms!
This discussion has been moved.
-
Secure Start with Zyxel x Tailscale 🎁 Get 6 Months of Tailscale VPN Free, Before Oct.!
This discussion has been moved.
-
[Trade-Up Program] 🔄 Time to Trade Up: Say Goodbye to Legacy USG, Hello to Next-Level Securi…
Time to Trade Up: Upgrade Your Legacy USG and Unlock a Powerful New Experience.
-
VTI Tunnel UP but LANs cannot communicate: Need help with Policy Routes and Security Policy order
Hi everyone, I have successfully established a Route-based VPN using VTI between an ATP200 (Hub - Anzi) and two spokes (ATP500 - Potenza and USG60 - Venosa). Current Status: All VTI tunnels are UP (green lights). I can successfully ping the remote gateway's LAN IP from the local gateway's diagnostic tool (e.g., ATP200 can…
-
how to create vpn ssl with client openvpn
-
Recovery Steps for USG FLEX/ATP Series Application Patrol Signature Issue (Jan. 2025)
Symptom: The App Patrol signature release V1.0.0.20250123.0 may create parsing error on device for On-premises mode, application patrol daemon will not work well after updating this new signature though the rest of UTM features keep running. However, the worst case is that device may get stuck if device did rebooting…
-
Double Auth certificates for SSL VPN on USG FLEX 200H
Hello, I'm facing a persistent issue with a 3rd party SSL certificate (Gandi) on my USG Flex 200H. The Setup: Certificate: Signed by Gandi (DigiCert Global Root G2 chain). Status: I have successfully imported the Intermediate and Root CA in Trusted Certificates. Under My Certificates, the status is now OK with a complete…
-
Fw: Bug Firmware V5.42(ABUH.1) / Zyxel USGFLEX 100
Hello, Except my mistake, I would like to inform you that there is an email notification bug since the new Firmware Version V5.42(ABUH.1) / 2026-02-08 02:18:35 update, affecting only the USGFLEX 100 model. The USGFLEX 100W model does not have this issue ! Specifically, when I receive emails, the sender and recipient…
-
IKEv2 connection with Windows 11 native client
Dear Community, I tried several settings derived from several articles in this forum, but nothing worked. In the end, this is the state: I created a dial-in connection for IKEv2-Clients using the wizard built into our ATP500. Whenever I try to connect, I receive "server not responding". Using the same setup to establish a…
-
809 Error/Tunnel Swapping with IKEv2
Hi there, we are currently running Client2Site Tunnels over IKEv2 using the integrated Windows 10 VPN Client which works fine for the most Part. But whenever I change something on the IKEv2 Tunnel (for example IP Range) I get 809 Errors from the Windows Clients (iOS works fine) and have to reboot the firewall to make it…
-
Any idea why we can't receive traffic from a few specific IP addresses
I am having an issue on my FLEX 500 (up to date on latest firmware and signatures). We have an SSTP VPN behind the router and 2 people out of all our users can't connect anymore. They had been able to connect for more than a year without issues. I have tried disabling security services and creating rules to allow them to…
-
FLEX H Firmware Boot Issues
There is a security flaw in the current firmware of my device (and most probably other devices of this series). When the device is rebooted, the configuration on the interfaces is applied and for round about one minute, the configured Firewall rules are not applied. I realized that when rebooting my device with service…
-
USG FLEX 500 speed
we recently change our firewall with an USG flex 500 But we encounter a speed problem we have several internet lines all are for 500mb/sec but the speed sees the line has a very low upload speed. This is not a performance of the line if we test with a different router the speed is correct someon eknow how to solve it ?
-
ios vpn
-
Why TF does every firmware update screw up?!
Seriously, defaulted another device!? Pull you heads out. These devices arent next door, arent "default" installs. Yet every other firmware update defaults or locks a device!
-
USG LITE 60AX SIP ALG settings
Hi all, We recently installed a USG Lite 60AX on a clients premises. Im not entirely sure the 60ax is the problem but they have started experiencing unusual VOIP issues. Just wondering if ther is SIP ALG (or something along those lines) on these devices and if so how do I turn it off please. Kind regards, Luke Archbold.
-
Remote vpn ipsec, access Lan behind site to site Firewall
I have a remote IKEv2 ipsec dynamic access to firewall 1 and want to access lan behind firewall 2 that is setup for site to site between Firewall 1 Firewall 2. How should i set up routing and security policy to get it to work? Firewall 1, USG Flex 100 Lan1 ip 192.168.101.1 Firewall 2, USG Flex 200 Lan1 ip 192.168.100.1 Tony
-
IKEv2 Connection Not Working to RRAS
Hello, I'm trying to set up an RRAS (Routing and Remote Access Services) VPN on Windows Server. This is a built-in Microsoft role that can be installed. Being new to this, I'm not sure if I have everything set up correctly. It seems like it is, but I cannot get the VPN connection to actually work. First the RRAS server was…
-
Zyxel Flex 200 - Android/Apple remote vpn
Since the L2TP tunnels are no longer supported by android, what is a working remote vpn tunnel that does work. We have lots of l2tp tunnels in use to our FLEX 200, but newer Android devices don't work/support L2TP tunnels. Hoping to see a native solution, otherwise we probably need to implement NetBird or equivalent or…
-
SSL inspection for clients connecting from the Internet to the server behind the USG FLEX 500
Hello, has anyone managed to set up a working SSL inspection for clients connecting from the Internet to the server behind the USG FLEX 500? I have an IIS server in the local network accessible from the Internet and I'm trying to set up SSL inspection for it. I uploaded the same SSL certificate to the USG as on the server…
-
IKEv2 with PSK not working on Android
Hi everyone, I'm trying to set up IKEv2 with PSK on a USG Flex 100 by following that article (https://support.zyxel.eu/hc/en-us/articles/8805317185298-IKEv2-VPN-with-Pre-Shared-key-on-Mobile-Devices-Instead-of-L2TP#h_01HB6CZ468E23YEB63SRPPFRS8) but it's not working. Here is the log What could be wrong ? I don't see any…
-
cannot see the application dropped in my application
Hi! I'm using App Patrol to block some application traffic in my USGFLEX 100 I made the drop traffic for WPS office before, but now I can see 360 antivirus only. I search WPS in the application, it say the WPS office 's action is drop. Our firewall still can block WPS office traffic. Anyone face this similar problem?…
-
How to implement IPSec Client VPN with Windows Native Client and MFA?
Hi I would like to implement MFA on an already working IPSec client VPN access on USG FLEX 200. Configuration of MFA is well documented. As I understand the workflow is that in the first step the VPN connection is established using username/password. In the second step the MFA code must be entered via the web based…
