Recent changes to USG lost after Firmware-Update
Freshman Member
Hello all
Several times now, I noticed that recent changes to Firewalls were lost when afterwards a firmware-update is performed. Recently with a Zywall 110 and USG60.
I made adjustments to several objects, servicegroups and securityrules. All was working fine, the new rules and objects worked as configured. After some weeks there was a need to update the firmware to a more recent one (4.62). The firmware was downloaded/uploaded and a reboot performed. After the reboot, the last changes were lost. I could configure them again from the documentation and config-files but I don't like doing things twice.
Between de adjustments and the firmware-update I did not reboot the device. It feels like the lastgood.conf is used in the firmware-update process and not the startup-config.conf. If so, then before a firmware-update is installed, we should reboot the device or lose parts of the configuration. Any thoughts on this?
Thanks
Eric
0
Accepted Solution
-
Any thoughts on this?By my experience, the configuration conversion is not made while the system reboots, but after the writing of the firmware into standby partition.Therefore...I don't change settings anymore if the firmware upgrade happened. Only after a reboot, the changes are made.Sometimes, when the uptime is higher than 60 days (arbitrary value decided by me) I reboot the firewall before upgrade the firmware, to insure myself than a fallback the previous/current version will work as intended.0
Guru Member
All Replies
-
Any thoughts on this?By my experience, the configuration conversion is not made while the system reboots, but after the writing of the firmware into standby partition.Therefore...I don't change settings anymore if the firmware upgrade happened. Only after a reboot, the changes are made.Sometimes, when the uptime is higher than 60 days (arbitrary value decided by me) I reboot the firewall before upgrade the firmware, to insure myself than a fallback the previous/current version will work as intended.0
-
Ah, that sounds like a possible reason. It could match the latest 2 updates I did. Load the firmware and, due to whatever reason, perform the update days or weeks later. In between changes were made. I will reboot before the next update.At the same time it strikes me as wrong. The real update should be the moment to transfer the (then current) settings and not at some time where I upload the firmware. This is done at separate moments.0
-
Hi @Eric_,If you upgrade the new firmware in the running partition, the device will then reboot after firmware upgrade is finished. All modification of web GUI configuration before firmware upgrade will also be saved in the running configurations. No configuration will be lost after firmware upgrade.If you upgrade the new firmware in the standby partition and reboot the standby partition several days later after you upload the firmware, some configuration may not be updated. The running configurations are copied to the standby partition just at the moment when the firmware is uploaded.For example, you uploaded firmware 4.72 to the standby partition on Jun. 1st and you didn't reboot it right after the firmware is uploaded.On Jun. 8th, you select the standby partition and click "Reboot". Then the settings you modified during Jun. 1st and Jun. 8th are not copied to the standby partition.0
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 237 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
