USG60 rebooting with WK30 fall back to LastGood

mMontana
mMontana Posts: 1,405  Guru Member
50 Answers 1000 Comments Friend Collector Fifth Anniversary
edited April 2021 in Security

USG60, 4.33 as standby firmware, 4.33 WK30 as default.

I edited the configuration:

  • Added a group of services
  • Changed a description of user3
  • Changed password of a user2
  • Changed groups for user1 and user2
  • Used a group of services for a Security policy

If i reboot with this "modified" configuration, the Firewall falls back to last good. Every time.

Now i rebooted on 4.33 for edit the configuration and try a reboot

Accepted Solution

  • mMontana
    mMontana Posts: 1,405  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
    Answer ✓

    Sorry for the delay. After the issues for upgrade a couple of devices, I waited to visit premises of USG60.

    @Zyxel_Cooldia corrected the USG60 configuration for me about 5 weeks ago, and it run quite smoothly on 4.33WK30 until yesterday.

    I rebooted to standby 4.33 firmware, which went good. Then upgraded WK30 manualy to 4.35 quite flawlessly.

    And now: case solved.

All Replies

  • mMontana
    mMontana Posts: 1,405  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary

    I forgot also the update/add of a IkeV2 gateway...

    After rebooting on 4.33, edit the configuration, added a Ikev2 gateway. Then rebooted on 4.33, without any issue.

    Rebooting to 4.33WK30, Ikev2 gateway disappeared.

  • mMontana
    mMontana Posts: 1,405  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary

    Which failed blatantly.

    After editing the configuration, reboot on 4.33 (finding the correct configuration updated), the next reboot on 4.33 WK30 wiped all my edits. This is quite bad...

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,518  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 100 Answers 1000 Comments

    Hi @mMontana ,

    Can you send me your configuration file via private message? Let me have a quick test on your configuration file.

  • mMontana
    mMontana Posts: 1,405  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary

    Done.

  • mMontana
    mMontana Posts: 1,405  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary

    Any news?

  • mMontana
    mMontana Posts: 1,405  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary

    Problem is completely unrelated with the firmware. Configuration seems to have two or more malformed objects (IPSec Gateway, user) which are "trippin" the firewall during the reboot.

    I'll double check the setup for reboot test ASAIC.

  • mMontana
    mMontana Posts: 1,405  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
    Answer ✓

    Sorry for the delay. After the issues for upgrade a couple of devices, I waited to visit premises of USG60.

    @Zyxel_Cooldia corrected the USG60 configuration for me about 5 weeks ago, and it run quite smoothly on 4.33WK30 until yesterday.

    I rebooted to standby 4.33 firmware, which went good. Then upgraded WK30 manualy to 4.35 quite flawlessly.

    And now: case solved.

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)