Eraseand reload switch configuration from Nebula

KoenP
KoenP Posts: 4  Freshman Member
First Comment Second Anniversary
edited November 2023 in Nebula
Hello, 
I have a GS1900 - 24port switch controlled via Nebula, On the switch a mac address was blocked with "Block policy". A couple of days later this was changed again to "normal policy". however the client is still not able to go on the internet. He has only access to the local LAN. We tried by mac spoofer to change the mac address and then everything is working fine. 
So I assume that the mac address is still blocked somewhere on the switch or that the switch didn't received the updated change from Nebula.

Can somebody help me to reset the configuration on the switch and then to reload the configuration from Nebula back to the switch. 
I have access to switch as well. 
Would this help?

Many thanks
Koen

Accepted Solution

  • Zyxel_Jason
    Zyxel_Jason Posts: 410  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Engineer Level 1 - Nebula Zyxel Certified Sales Associate
    Answer ✓
    Hi @KoenP,

    Since GS1900-24 doesn't support Nebula, I assume your are talking about GS1920-24.

    You mentioned that the client could access to the local LAN but no the Internet after you changed the client policy back to normal.
    If the client can access to other LAN clients via the Switch, it means the Switch doesn't block the client anymore. It may be blocked by Gateway.

    You may use the following method to check if the policy configuration is consistent between Nebula CC and local Switch.
    Nebula CC:
    Go to Switch > Monitor > Clients and click Show policy clients.
    You should not see the client if you have changed it back to normal.

    Switch:
    Access the Switch via Telnet/SSH (the password is at Site-wide > Configure > General settings) and use "show running-config" command.
    You should not be able to see one line starts with "mac-filter" for that client's MAC address in the running-config.

    Last, if you want to reset your Switch remotely, you may follow the steps below:
    1. Go to Organization-wide > Configure > Configuration management > Backup & restore > Switch settings to backup your current setting on Switch.
    PS. This feature requires Nebula Pro Pack.


    2. Go to Organization-wide > Configure > License & inventory > Devices, select your Switch, click Action > Change site assignment > Remove select device(s) from their current site.
    => This action will erase running-config on the local Switch except management IP and VLAN setting.

    3. Select and add the Switch back to the site again.

    4. Back to Backup & restore page to restore the Switch setting.

    Hope it helps.
    Jason

    Engage in the Community, become an MVP, and win exclusive prizes! https://bit.ly/Community_MVP

All Replies

  • Zyxel_Jason
    Zyxel_Jason Posts: 410  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Engineer Level 1 - Nebula Zyxel Certified Sales Associate
    Answer ✓
    Hi @KoenP,

    Since GS1900-24 doesn't support Nebula, I assume your are talking about GS1920-24.

    You mentioned that the client could access to the local LAN but no the Internet after you changed the client policy back to normal.
    If the client can access to other LAN clients via the Switch, it means the Switch doesn't block the client anymore. It may be blocked by Gateway.

    You may use the following method to check if the policy configuration is consistent between Nebula CC and local Switch.
    Nebula CC:
    Go to Switch > Monitor > Clients and click Show policy clients.
    You should not see the client if you have changed it back to normal.

    Switch:
    Access the Switch via Telnet/SSH (the password is at Site-wide > Configure > General settings) and use "show running-config" command.
    You should not be able to see one line starts with "mac-filter" for that client's MAC address in the running-config.

    Last, if you want to reset your Switch remotely, you may follow the steps below:
    1. Go to Organization-wide > Configure > Configuration management > Backup & restore > Switch settings to backup your current setting on Switch.
    PS. This feature requires Nebula Pro Pack.


    2. Go to Organization-wide > Configure > License & inventory > Devices, select your Switch, click Action > Change site assignment > Remove select device(s) from their current site.
    => This action will erase running-config on the local Switch except management IP and VLAN setting.

    3. Select and add the Switch back to the site again.

    4. Back to Backup & restore page to restore the Switch setting.

    Hope it helps.
    Jason

    Engage in the Community, become an MVP, and win exclusive prizes! https://bit.ly/Community_MVP
  • KoenP
    KoenP Posts: 4  Freshman Member
    First Comment Second Anniversary
    Thank you Jason, This helped me to the confirmation that it has to be some else then the switch or firewall configuration.
     Happy christmas,
    Koen

Nebula Tips & Tricks