Content-filter Service Is Unavailable

Options
itxnc
itxnc Posts: 98  Ally Member
First Anniversary 10 Comments Friend Collector
edited April 2021 in Security
We're seeing a lot of alerts on our client's USGs and ATPs where the content filter service becomes unreachable for a period of time. Then it comes back. Have been seeing this on and off for a few weeks. Anyone else seeing this behavior?

All Replies

  • Zyxel_Emily
    Zyxel_Emily Posts: 1,296  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Hi @itxnc,

    We need more information to check the root cause of this issue.
    I will contact you in private message for further information.
  • LiborK
    LiborK Posts: 1  Freshman Member
    First Anniversary First Comment
    Options
    Hello, after upgrade zld from 4.33 to 4.35 I've noticed that my Security Policy wasn't working because the rule #2 collided with rule #1 while both rules were working on zld 4.33.
    Rule #1: lan1 to wan any any ... allow Schedule-Application patrol (for You tube)
    Rule #2: lan1 to wan any any ... allow Content filtering
    On zld 4.35 only rule#1 was working.
    Now on zld 4.35 I had to combine both rules together to have them working both...is that some bug of zld4.35 ?
  • Zyxel_Emily
    Zyxel_Emily Posts: 1,296  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Hi @LiborK,
    It works on both firmware 4.33 and 4.35.

    If you'd like to block a specific category of website always and block YouTube (App Patrol) for just a period of time, create the rules as follows.

    Rule #1: From lan1 to wan any any -> apply YouTube profile with schedule (14:15-14:45) & apply CF profile

    Rule #2: From lan1 to wan any any -> apply CF profile

    If the time you access YouTube hits the schedule (ex: 14:20), the traffic hits Rule#1 and never goes to Rule#2, so both YouTube and CF are blocked.

    If the time you access YouTube doesn't hit the schedule (ex: 14:50), the traffic hits Rule#2. YouTube is allowed but CF is blocked.

    Feel free to let me know if you has questions about applying App Patrol and CF profiles. If you still has questions, please share the configuration file with me via private message.


  • IT_Field_Support
    IT_Field_Support Posts: 97  Ally Member
    First Anniversary Friend Collector First Comment
    Options
    Hi,

    I would like to know how you solve the problem of Content Filter becoming unavailable. We have this problem on one of our router since a few days.
    USG40w
    4.35

    Our user are blocked and in the CF log we can see that the service is unavailable.

    Thanks,

    Davy
  • itxnc
    itxnc Posts: 98  Ally Member
    First Anniversary 10 Comments Friend Collector
    Options
    Yes we still have the issue intermittently - seems to last for a couple minutes then the service comes back
  • Jeremylin
    Jeremylin Posts: 166  Master Member
    First Anniversary First Answer First Comment
    Options
    As my setting on this part, since the database could not include and category all websites.
    configure Warn as these two parts, and check again

Categories

Security Highlight


Read more

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)