Jason
Engage in the Community, become an MVP, and win exclusive prizes! https://bit.ly/Community_MVP
Eraseand reload switch configuration from Nebula
Hello,
I have a GS1900 - 24port switch controlled via Nebula, On the switch a mac address was blocked with "Block policy". A couple of days later this was changed again to "normal policy". however the client is still not able to go on the internet. He has only access to the local LAN. We tried by mac spoofer to change the mac address and then everything is working fine.
So I assume that the mac address is still blocked somewhere on the switch or that the switch didn't received the updated change from Nebula.
Can somebody help me to reset the configuration on the switch and then to reload the configuration from Nebula back to the switch.
I have access to switch as well.
Would this help?
Many thanks
Koen
I have a GS1900 - 24port switch controlled via Nebula, On the switch a mac address was blocked with "Block policy". A couple of days later this was changed again to "normal policy". however the client is still not able to go on the internet. He has only access to the local LAN. We tried by mac spoofer to change the mac address and then everything is working fine.
So I assume that the mac address is still blocked somewhere on the switch or that the switch didn't received the updated change from Nebula.
Can somebody help me to reset the configuration on the switch and then to reload the configuration from Nebula back to the switch.
I have access to switch as well.
Would this help?
Many thanks
Koen
0
Accepted Solution
-
Hi @KoenP,
Since GS1900-24 doesn't support Nebula, I assume your are talking about GS1920-24.
You mentioned that the client could access to the local LAN but no the Internet after you changed the client policy back to normal.
If the client can access to other LAN clients via the Switch, it means the Switch doesn't block the client anymore. It may be blocked by Gateway.
You may use the following method to check if the policy configuration is consistent between Nebula CC and local Switch.
Nebula CC:
Go to Switch > Monitor > Clients and click Show policy clients.
You should not see the client if you have changed it back to normal.
Switch:
Access the Switch via Telnet/SSH (the password is at Site-wide > Configure > General settings) and use "show running-config" command.
You should not be able to see one line starts with "mac-filter" for that client's MAC address in the running-config.
Last, if you want to reset your Switch remotely, you may follow the steps below:
1. Go to Organization-wide > Configure > Configuration management > Backup & restore > Switch settings to backup your current setting on Switch.
PS. This feature requires Nebula Pro Pack.
2. Go to Organization-wide > Configure > License & inventory > Devices, select your Switch, click Action > Change site assignment > Remove select device(s) from their current site.
=> This action will erase running-config on the local Switch except management IP and VLAN setting.
3. Select and add the Switch back to the site again.
4. Back to Backup & restore page to restore the Switch setting.
Hope it helps.1
All Replies
-
Hi @KoenP,
Since GS1900-24 doesn't support Nebula, I assume your are talking about GS1920-24.
You mentioned that the client could access to the local LAN but no the Internet after you changed the client policy back to normal.
If the client can access to other LAN clients via the Switch, it means the Switch doesn't block the client anymore. It may be blocked by Gateway.
You may use the following method to check if the policy configuration is consistent between Nebula CC and local Switch.
Nebula CC:
Go to Switch > Monitor > Clients and click Show policy clients.
You should not see the client if you have changed it back to normal.
Switch:
Access the Switch via Telnet/SSH (the password is at Site-wide > Configure > General settings) and use "show running-config" command.
You should not be able to see one line starts with "mac-filter" for that client's MAC address in the running-config.
Last, if you want to reset your Switch remotely, you may follow the steps below:
1. Go to Organization-wide > Configure > Configuration management > Backup & restore > Switch settings to backup your current setting on Switch.
PS. This feature requires Nebula Pro Pack.
2. Go to Organization-wide > Configure > License & inventory > Devices, select your Switch, click Action > Change site assignment > Remove select device(s) from their current site.
=> This action will erase running-config on the local Switch except management IP and VLAN setting.
3. Select and add the Switch back to the site again.
4. Back to Backup & restore page to restore the Switch setting.
Hope it helps.1 -
Thank you Jason, This helped me to the confirmation that it has to be some else then the switch or firewall configuration.
Happy christmas,
Koen0
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight