-
Zyxel USG FLEX and ATP series – Upgrading your device and ALL credentials to avoid hackers' attack
Zyxel team has been tracking the recent activity of threat actors targeting Zyxel security appliances that were previously subject to vulnerabilities and admin passwords have not been changed since then. Users are advised to update ALL administrators accounts for optimal protection. Based on our investigation, the threat…
-
What's New: uOS1.30 Patch 1Firmware Update for USG FLEX H Series
This discussion has been moved.
-
What's New ZLD5.39
Enjoy stronger traffic control with a new CLI command to drop TCP SYN packets with data, faster filtering, and a fix for Chrome’s TLS 1.3 content filter bug. Update today for seamless protection. Zyxel is committed to continuously updating your devices for important maintenance information. This latest release also…
-
Important Reminder for your Content Filter Service
At Zyxel, we are committed to providing you with the most advanced and secure services possible. In line with this commitment, we continuously enhance our Content Filter service to ensure top-notch security detection from Trellix. To ensure your service running stable and efficiently, please upgrade firmware to the latest…
-
How to solve the issue "ZTP is already enabled" on VPN series?
Symptom: Unable to access the web GUI. Access the web GUI but the page "ZTP is already enabled" appears. The device is on-premises mode and never deployed using ZTP. Q1. What are the impact model and version for this issue? Affected model Affected version VPN50 5.00 through 5.36(ABHL2)C0 VPN100 5.00 through 5.36(ABFV.2)C0…
-
What should I do if the device failed to be upgraded to the latest firmware?
Please follow the procedure to upgrade the firmware Step 1. Make sure you have on-site local support that able to reach the device Step 2. Unplug all WAN connections. Step 3. Access the device via LAN IP. Step 4. Copy startup-config.conf to recover.conf. Download "recover.conf" to your PC. Step 5. Switch to standby…
-
Zyxel USG 200 Bandwith limitation
Hi, I recently switched to a better internet connection, from 20Mb down/3Mb up to a 400Mb/150Mb. My problem is that if I use the ISP router bypassing my Zyxel USG 200 I get in my speedtests 400Mb/150Mb, but if i try using my Zyxel as normal I get 110Mb/15Mb. Does someone know if there is some sort of limitation? Or anyone…
-
Source NAT through vpn tunnels
Let's say we have three sites: Site A (USG Flex 50) - Policy based vpn - Site B (USG Flex 200) - Policy based vpn - site C (other device, managed by others) Note: between A and B it's simple routing, hosts keep their IP. Between B and C it's different: all B lan address reach C site SNATted (in B-C vpn policy) to a single…
-
update firmware USG60 from 4.20 to 4.73 (latest)
I need to update firmware a USG60 from version 4.20 to 4.73(latest). What intermediate firmware do I need to perform to prevent the risk of configuration disappearing.
-
IP/MAC Binding
Subject: Limiting Client Connections on the Wi-Fi Network I am reaching out to seek your expertise regarding an issue with limiting client connections on one of our Wi-Fi networks. Here are the details of the situation: Hardware used: Wi-Fi access points managed by a VPN100. Network topology: a VLAN dedicated to the Wi-Fi…
-
Can I suggest Zyxel to block PC APP STORE?
How can I suggest Zyxel to block PC APP STORE this program from App Patrol?
-
dns content filter UsgFlex500 domain environment
hi, I have an usg flex500 that protect my microsoft AD and I have configured/activated the DNS content filter but I can not see anything detected; my clients's DNS point to our domain controllers. I don't know where is the problem. thank you.
-
CLI command "schedule-run"
I'd like to discuss two things within this post. a) Is there a full CLI description for the "schedule" commands within the console environment. I can't find any CLI documentation on the following commands: schedule schedule-run schedule-object I'd especially like to know what "schedule" and "schedule-object" can do. I have…
-
USG FLEX 500 VPN Server EAP-MSChapv2 vs EAP-TLS/PEAP on Radius
Hello, i've got some trouble setting up remote user connection with certificate instead of user/password, and i don't find much documentation about this on Zyxel networks. I've setup VPN gateway & tunnel for remote user connection with radius authentification EAP-MSChapv2 successfully, but when i'm trying to change Windows…
-
Issue establishing IPSEC-PSK VPN between Android 14 and USG20W-VPN
After many years flawless operation of IPSEC VPN between usg20w-vpn and samsung s9 (android 10), I have upgraded to samsung s24 (android 14). I am facing same issue as many have not being able to establish IPSEC-PSK connection. I have followed many documents and instructions found on this forum, but I am still missing…
-
Destination NAT on VPN
I read this: https://mysupport.zyxel.com/hc/en-us/articles/360003321659--ZyWALL-USG-How-to-configure-VPN-SNAT-on-Zyxel-gateways In particular this picture: The first part is very clear: we have LAN1, we have to reach REMOTE with FAKE address. But the latest, DNAT that does the contrary, seems a Virtual Server NAT setting.…
-
SCR 50AXE IPSec VPN only Site2Site?
Hello, I bought an SCR 50AXE privately to get a little more involved with the Nebula Cloud. I have now put it into operation and replaced an AVM router. The info sheet said that the device supports IPSec VPN, which I wanted to use (Android smartphone, Windows tablet). In Nebula itself, however, I can only find the option…
-
SCR50 AXE trial licence is valid or not?
Hello, I'm using Nebula accessing my SCR50 security router with trial licence. At some configuration poins the message appears: "This organization is using the Base Pack version of Nebula.Advanced features can be unlocked by purchasing a Nebula Plus or Pro Pack License". Clicking on it brings up the licence and inventory…
-
USG Flex H country label
I noticed that in the USG Flex 200H and 500H the country label is not shown in the Logs
-
Strange behaviour on USG Flex 100v2
Something strange is going on with the DNS settings on my USG Flex 100v2. When I set the DNS on wan to my ISP's DNS, one of my computers will not connect to the internet. Well it will connect but then it won't, so it's back and forth. Sometimes it works, sometimes it doesn't. No other computer is affected by that. Sadly…
-
VPN L2TP no ping LAN
Hi. I have configured an L2TP VPN on the USG40. The VPN connects, but devices are not responding on the network. I can't log in to the router, the router doesn't respond to ping, etc. I am attaching screenshots of routing and security policy. what else should I check?
-
Client VPN access to site A and B
Hi I am trying to create a senario link the one in the picture. Now: VPN Client can connect to Site A and access local resources. Site to Site VPN between Site A and Site B is working. I want users on VPN Client to be able to acces both Site A and Site B, througth the Site to Site VPN. How to do that?
-
USG Flex 200 rack mount "ears"
We need several pairs of the rack mount "ears" for the flex 200 firewalls. Where can these be ordered at? I'm not finding them in the Zyxel store.
-
Traffic between tunnels (and NAT)
Let's say we have three sites: A, B, C. Between A and B: policy-based site-to-site tunnel Between B and C: policy-based site-to-site tunnel Then we need that an host (a single host) from site A reaches an host or a couple of site C. Only So the config would be On A: -policy route with source host, destination host, next…
-
IPSec VPN behind routeur and DMZ
Hello, Using the wizard (USG FLEX 100/200), i build an IPSec vpn. The only modification i made, is on the VPN gateway, setting "Peer ID Type" to "any" on both side. On one side the FLEX 100 is in a DMZ, at other side, the Flex 200 is behind the provider router (fixed ip's, NAT for 50,51,500,4500,47,112 already done). The…
-
USG Flex 200 on Sunrise 2.5Gbit/s Internetconnection
First of all, I know that the USG Flex 200 isn't capable to benefit from 2.5Gbit/s connection on the WAN port. My problem isn't related to the speed of the connection, it is related to the behaviour of certain devices on my network. Before using Zyxel devices on my network I was using an ASUS Wifi-Mesh Router. It was…
