-
💡Duo Security Authentication Integration Guide
This discussion has been moved.
-
💬 Your Firewall Story Could Earn You $35 Across Two Platforms!
This discussion has been moved.
-
Secure Start with Zyxel x Tailscale 🎁 Get 6 Months of Tailscale VPN Free, Before Oct.!
This discussion has been moved.
-
[Trade-Up Program] 🔄 Time to Trade Up: Say Goodbye to Legacy USG, Hello to Next-Level Securi…
Time to Trade Up: Upgrade Your Legacy USG and Unlock a Powerful New Experience.
-
FLEX 200 VPN Failover
I have a client with 2 sites Site A: ZyXEL FLEX 200 with dual WAN (2 different ISP's) enabled, both ISP's static IP LAN1: 192.168.25.0/24 VLAN13: 192.168.13.0/24 VPN Tunnels: Local_LAN1<->Remote_LAN1 (S2S with static peer) Local_VLAN13<->Remote_LAN1 (S2S with static peer) Failover_Local_LAN1<->Remote_LAN1 (S2S with dynamic…
-
USG Flex 200 UDP out-of-order frames
Running tests with iPerf3 in UDP mode, I'm seeing very high rate of out-of-order frames reported during download (in on wan, out on lan), with a some but less out-of-order on uploads. Have tested at multiple sites, multiple devices, multiple ISPs. The percentage ramps up way sooner than it should: Download rate…
-
USG FLEX 200H: LAG LACP Interface Issue
Hi, in my scenario I have a stack of two XGS3700-48HP, firmware V4.30(AAGF.3),and a LAG of two ports on which I've connected public network. I had ATP500 Firewall connected on that LAG with the external interface and it worked fine for years since I've changed with USG FLEX 200 H, firmware V1.38(ABWV.0). Both LAGs where…
-
USG FLEX H - LAG Interface edit Transmit Hash Policy issue
Hi, editing "Transmit Hash Policy", changing from src-dst-ip-mac to src-dst-mac and viceversa, made the firewall unresponsive. I had another interface for configuring USG FLEX 200 H via Ethernet, so it wasn't the same LAG interface I was editing. HTTP access works, but I cannot use any command since it logs me out…
-
Captive Portal with USG Flex 100
Dear Zyxel Community Support Team, I am currently configuring a USG FLEX 100 (AP is NWA5123-AC) with a Captive Portal for our guest network (VLAN 10, subnet 10.0.10.0/24). While the portal itself works perfectly when accessed directly via http://10.0.10.1 , automatic redirection for unauthenticated users does not function…
-
USG FLEX H - Zone member issue
Hi, I noticed that if I have an Interface and an IPSec VPN with the same name, configuring Zone members has some issues: When you check one object, it checks both. When you add both, save, and go back to the configuration, they are doubbed and again, when you select one of they, all 4 will be selected Thank you for…
-
USG FLEX H - Session monitor - "No data"
Hi, I noticed that when I enter Traffic Statistics - Session Monitor, and select "View: sessions by source IP" for example, I get the list of session grouped by source IP and the counter in the last column. If I click the counter, I get always "No data" as response. Javascript console reports Firmware 1.38. Thank you for…
-
How to prevent the IKE daemon from responding to IKEv1 requests?
Running latest firmware on a USG20W-VPN. All my IPSec clients (SecuExtender on Win11/macOS, native iOS, strongSwan on Android) are IKEv2 only. The VPN gateways are configured as IKEv2 only - the IKE Version radio button is set to IKEv2 and greyed out (as expected). Despite this, the IKE daemon still engages with inbound…
-
IPSec VPN does not work with latest MacOS, restoring a configuration does NOT reinstall the VPN part
Hi all, I have seen the instructions posted in the VPN section and followed them to install IPSec VPN on the newest MacBook with newest MacOS. Older MacOS and notebooks worked fine with the IPSec VPN. Before: IPSec VPN works for Androids and Windows and older MacOS, but does not work with the newest MacBooks with newest…
-
[5.42.1] USG FLEX 50W hangs after insert USB Modem
USG FLEX 50W on new 5.42.1 became fully unresponsive (don't reboot by watchdog) after inserting 3G USB Modem (ZXIC Incorporated MTS Mobile Boardband). Helps only manual poweroff. On 5.38 device work fine with this modem. Console log in attach.
-
Network Devices VLAN
Hi all, I would be create a VLAN (for example VLAN 4) where to manage all my network devices. My Firewall have the IP 192.168.11.253 and have VLANs below: VLAN1 default 192.168.11.x VLAN4 Network Devices 192.168.4.x VLAN110 Guest 192.168.110.x VLAN120 Lab 192.168.120.x I create the "Policy Control" rule to allow the…
-
USG40
My USG40 is running firmware 4.11. I can't update it to the latest firmware 4.73. I need the archived firmware versions 4.15, 4.20, and 4.25. Where can I download them?
-
USG Flex 200 rack mount "ears"
We need several pairs of the rack mount "ears" for the flex 200 firewalls. Where can these be ordered at? I'm not finding them in the Zyxel store.
-
USG LITE 60AX ignoring explicit deny firewall rule when a nat rule is active
Please tell me i'm wrong. Just noticed that if i set up a nat rule, and leave "allow remote ip" to "any", it just open up that port for any source address despite "explicit deny" rule in packet filter firewall. Also, "allow remote ip" field in the NAT rule can't be anything but a single host. You can't even put a subnet in…
-
VPN to Flex100H is driving me crazy
I used to use Zywall 110s (primarily) to connect my homes. 6 Locations. As Zywall 110s are no longer updated - it was time to move on. This summer I replaced a Zywall 110 with a Flex 100H. I did not do any further changes when I found out that the 100H Flex does not support forcing a specific VPN tunnel as next hop.…
-
[Linux expoit] - CVE-2026-31431
Hello everyone, I recently came to know this new CVE: https://copy.fail Some of devices are affected by this? I have the USG Flex 200HP firewall and NWA130BE wireless. Are these devices affected by this bug by any chance? Thank you
