Zyxel Employee
Jason
Eraseand reload switch configuration from Nebula
Options
Hello,
I have a GS1900 - 24port switch controlled via Nebula, On the switch a mac address was blocked with "Block policy". A couple of days later this was changed again to "normal policy". however the client is still not able to go on the internet. He has only access to the local LAN. We tried by mac spoofer to change the mac address and then everything is working fine.
So I assume that the mac address is still blocked somewhere on the switch or that the switch didn't received the updated change from Nebula.
Can somebody help me to reset the configuration on the switch and then to reload the configuration from Nebula back to the switch.
I have access to switch as well.
Would this help?
Many thanks
Koen
I have a GS1900 - 24port switch controlled via Nebula, On the switch a mac address was blocked with "Block policy". A couple of days later this was changed again to "normal policy". however the client is still not able to go on the internet. He has only access to the local LAN. We tried by mac spoofer to change the mac address and then everything is working fine.
So I assume that the mac address is still blocked somewhere on the switch or that the switch didn't received the updated change from Nebula.
Can somebody help me to reset the configuration on the switch and then to reload the configuration from Nebula back to the switch.
I have access to switch as well.
Would this help?
Many thanks
Koen
0
Accepted Solution
-
Hi @KoenP,
Since GS1900-24 doesn't support Nebula, I assume your are talking about GS1920-24.
You mentioned that the client could access to the local LAN but no the Internet after you changed the client policy back to normal.
If the client can access to other LAN clients via the Switch, it means the Switch doesn't block the client anymore. It may be blocked by Gateway.
You may use the following method to check if the policy configuration is consistent between Nebula CC and local Switch.
Nebula CC:
Go to Switch > Monitor > Clients and click Show policy clients.
You should not see the client if you have changed it back to normal.
Switch:
Access the Switch via Telnet/SSH (the password is at Site-wide > Configure > General settings) and use "show running-config" command.
You should not be able to see one line starts with "mac-filter" for that client's MAC address in the running-config.
Last, if you want to reset your Switch remotely, you may follow the steps below:
1. Go to Organization-wide > Configure > Configuration management > Backup & restore > Switch settings to backup your current setting on Switch.
PS. This feature requires Nebula Pro Pack.
2. Go to Organization-wide > Configure > License & inventory > Devices, select your Switch, click Action > Change site assignment > Remove select device(s) from their current site.
=> This action will erase running-config on the local Switch except management IP and VLAN setting.
3. Select and add the Switch back to the site again.
4. Back to Backup & restore page to restore the Switch setting.
Hope it helps.1
All Replies
-
Hi @KoenP,
Since GS1900-24 doesn't support Nebula, I assume your are talking about GS1920-24.
You mentioned that the client could access to the local LAN but no the Internet after you changed the client policy back to normal.
If the client can access to other LAN clients via the Switch, it means the Switch doesn't block the client anymore. It may be blocked by Gateway.
You may use the following method to check if the policy configuration is consistent between Nebula CC and local Switch.
Nebula CC:
Go to Switch > Monitor > Clients and click Show policy clients.
You should not see the client if you have changed it back to normal.
Switch:
Access the Switch via Telnet/SSH (the password is at Site-wide > Configure > General settings) and use "show running-config" command.
You should not be able to see one line starts with "mac-filter" for that client's MAC address in the running-config.
Last, if you want to reset your Switch remotely, you may follow the steps below:
1. Go to Organization-wide > Configure > Configuration management > Backup & restore > Switch settings to backup your current setting on Switch.
PS. This feature requires Nebula Pro Pack.
2. Go to Organization-wide > Configure > License & inventory > Devices, select your Switch, click Action > Change site assignment > Remove select device(s) from their current site.
=> This action will erase running-config on the local Switch except management IP and VLAN setting.
3. Select and add the Switch back to the site again.
4. Back to Backup & restore page to restore the Switch setting.
Hope it helps.Jason1 -
Thank you Jason, This helped me to the confirmation that it has to be some else then the switch or firewall configuration.
Happy christmas,
Koen0
Categories
- All Categories
- 397 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 52 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 332 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 880 Nebula FAQ
- 415 Security FAQ
- 221 Switch FAQ
- 195 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 63 Security Highlight
