Signature Updates ATP 200 since End of March
Freshman Member
Devices:
Zyxel ATP200/License Gold Pack is valid until 2026
Time of problem detection:
March 28, 2025
Problem description:
All signature updates are mainly from March 25 and are stuck at this status.
According to the GUI, the update process is executed and has since been acknowledged with (success) and “updatet to the latest version”. Signature updates are no longer possible, there are no comprehensible error messages in the log.
Troubleshooting that has so far been unsuccessful:
- Reboot
- Reboot with partition change
- Restore to configurations before 25 March
- Reset
- Firmware update (retaining the version)
- License synchronization
- License exchange/moves
Accepted Solution
-
After detailed analysis, I found the problem🤗
As the DNS traffic had worked without any problems, it could only be the DNS connect of the ATP. Through the traffic logs in the router, I could see that the signature update was not generating any traceable traffic.Obviously the Domain zone forwarding no longer worked. I cannot see a logical reason for this. After reconfirming the configuration, the updates are running again.
My questions in this context:
Why does the GUI show a signature update process with “success...” when the updateeamon just plays the process without reaching the target?
Which log provides a reliable insight into the update process? RX and TX packet statistics are not helpful.
Which log does the firewall provide or do I have to configure to detect a non-functioning DNS forward?
Why is DNS Forward not secured in the configuration/settings?
Thank you for your answers in advance!
0
All Replies
-
Hi @ATPCHUSER,
Could you share:
- Which security service signature update has an update issue?
- Could you take a screenshot of the signature update window that displays the update result so we can better help you?
Zyxel Melen0 -
0 -
another interesting thing is this pot Update, already frozen at 19th of March
0 -
After detailed analysis, I found the problem🤗
As the DNS traffic had worked without any problems, it could only be the DNS connect of the ATP. Through the traffic logs in the router, I could see that the signature update was not generating any traceable traffic.Obviously the Domain zone forwarding no longer worked. I cannot see a logical reason for this. After reconfirming the configuration, the updates are running again.
My questions in this context:
Why does the GUI show a signature update process with “success...” when the updateeamon just plays the process without reaching the target?
Which log provides a reliable insight into the update process? RX and TX packet statistics are not helpful.
Which log does the firewall provide or do I have to configure to detect a non-functioning DNS forward?
Why is DNS Forward not secured in the configuration/settings?
Thank you for your answers in advance!
0 -
Hi @ATPCHUSER,
Thanks for your update. Let me update you on one point: some of the security services' signatures, like IP Reputation, are updated daily, while some are updated weekly.
It is an issue that the signature update failed, but the update window shows success. Could you share the issue configuration file with me (please send it to me via a private message) so we can investigate it? Thanks!
Zyxel Melen0
Zyxel Employee
Categories
- All Categories
- 424 Beta Program
- 2.6K Nebula
- 163 Nebula Ideas
- 112 Nebula Status and Incidents
- 5.9K Security
- 342 USG FLEX H Series
- 288 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 261 Service & License
- 404 News and Release
- 86 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.8K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 82 Security Highlight
