Recovery Steps for Nebula USG FLEX/ATP Series Application Patrol Signature Issue
The App Patrol signature release V18.104.22.16820310.0 may create parsing error on device for both on-premises and on-cloud modes, application patrol daemon will not work well after updating this new signature though the rest of UTM features keep running. However, the worst case is that device may get stuck if device did rebooting further no matter manually or by schedule
The App Patrol signature release V22.214.171.12420310.0 have been removed.
New urgent patch ZLD5.21 P1 will be available by Wednesday (3/16) avoiding the parsing issue.
If App Patrol signature of your device is updated to version 126.96.36.19920310.0 but not affected, do NOT reboot the device before ZL5.21 P1 is released. Use the command to check signature version.
Access firewall using this link https://"firewall IP"/webconsole input the following command to check signature version:
Router# show app signatures status
REMINDER: Firewall local credentials are located at Site-wide > Configure > General settings.
current version: 188.8.131.5220310.0
If you need to restart the device before 5.21 patch 1 is released for some reasons, here is a solution to overcome this issue BEFORE rebooting your device. Please follow the steps.
1. Access firewall using this link https://"firewall IP"/webconsole input the following command:
Command: packet-trace extension-filter -w /db/etc/app_patrol/.md5sum
2. Ctrl + C to terminate packet-trace
3. Reboot device
If you need technical assistance, please send your request to [email protected].
***If the firewall has been rebooted***
Recovery steps as follows:
Before ZLD5.21 P1 is released, follow the instructions to recover the affected device temporarily.
1. Connect the device directly via the console port using a terminal emulation program. Reboot the device and enter debug mode.
2. Switch to another firmware partition. Type atcd 1 to use firmware partition 1.
3. Type atgo to boot up device.
- If the device is still stuck in reboot loop, repeat the step 1 and step 2 to retry. In step 2, type atcd 2 to use firmware partition 2 to boot up.
- If the device still fail to reboot, please contact the regional support team for the recovery process.
- After device reboots, check the running firmware version. If the firmware version is ZLD4.29, please contact the regional support team for the recovery process.
4. Press RESET button on the device to reset to factory default settings.
5. Re-login device Web GUI, choose Nebula Mode to connect device to Nebula.
- If wan interface is static IP or PPPoE, please configure WAN settings after choosing Nebula Mode
Note: If wan interface is DHCP, you can skip this step. The device will connect to cloud automatically after wan interface gets IP address.
Configure WAN settings.
- All Categories
- 184 Beta Program
- 1.7K Nebula
- 90 Nebula Ideas
- 63 Nebula Status and Incidents
- 4.7K Security
- 236 Security Ideas
- 1.1K Switch
- 51 Switch Ideas
- 915 WirelessLAN
- 27 WLAN Ideas
- 5.4K Consumer Product
- 174 Service & License
- 295 News and Release
- 113 Success Stories
- 65 Security Advisories
- 14 Education Center
- 984 FAQ
- 427 Nebula FAQ
- 255 Security FAQ
- 100 Switch FAQ
- 115 WirelessLAN FAQ
- 21 Consumer Product FAQ
- 66 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 68 About Community
- 52 Security Highlight