UTM profile best practice

sk8erbender
sk8erbender Posts: 74  Ally Member
First Anniversary Friend Collector First Comment
edited April 2021 in Security
Hey guys! Another small question.
Where exactly should you put IDP profile?

I am asking this because sometimes CPU  goes too high and can cause reboot

Help me with IDP, content filter and etc profiles. To avoid high cpu usage mistakes.


Which rules should be profiles applied?
From WAN to LAN ?
From LAN to WAN?

Comments

  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    @sk8erbender,
    If all of UTM features are enabled, the CPU may be higher, however, it will not the reason cause device reboot.
    Therefore, to analyze this case,
    I need to confirm that
    1. what firmware version are you using?
    2. Please share the graph of CPU on dashboard. Example as below.
    3. When the CPU high, screenshot the Wan port usage for checking.

    4.Collect the console message for checking.

     On tera term, please Go to File>Log>Click Save



    Enter "debug system ps" and stop to gather the message. After that private message the message to me.


    5. Does the reboot issue occur often?

    Charlie



  • sk8erbender
    sk8erbender Posts: 74  Ally Member
    First Anniversary Friend Collector First Comment
    I have all logs going on VRPT server is it ok? where do I upload them?
    At the moment it's 4.25 because 4.30 causes reboots did a downgrade with full reset.

    Also do u recommend any UTM profiles on Guest Wifi Network? Rule number 16 ?

  • sk8erbender
    sk8erbender Posts: 74  Ally Member
    First Anniversary Friend Collector First Comment
    Also IDP works both from lan and from wan?
  • sk8erbender
    sk8erbender Posts: 74  Ally Member
    First Anniversary Friend Collector First Comment
    I also noticed that when using UTM profiles + WiFi built in usg60w or other zyxel ap managed access points when people with Apple devices ( ipads, iphones ) access points have high cpu usage ( other devices conncted wia wifi like android ,windows phones works fine)
  • sk8erbender
    sk8erbender Posts: 74  Ally Member
    First Anniversary Friend Collector First Comment
    Here is from vrpt
    344d.jpg 166.1K
  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    @sk8erbender

    Please update the firmware which I private message to you and monitor this case again.
    If the issue still occur, could you collect the information which I post on the thread previously. 
    Charlie
  • sk8erbender
    sk8erbender Posts: 74  Ally Member
    First Anniversary Friend Collector First Comment
    @sk8erbender

    Please update the firmware which I private message to you and monitor this case again.
    If the issue still occur, could you collect the information which I post on the thread previously. 
    Charlie
    So far it is working. But everytime I login to administer it oppens wizard.. How to avoid opening wizard?
  • USG_User
    USG_User Posts: 369  Master Member
    First Anniversary 10 Comments Friend Collector First Answer
    Go to CONFIGURATION > LICENSING > REGISTRATION and press the button REFRESH.
  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,034  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    @sk8erbender

    In this case, the situation should be disappeared if you register the device or UTM license. We’d like to encourage uses to register their devices for firmware maintenance and device/license management on MyZyel.com.

    However, the case should disappeared, when you are on setup guide, press next until third step and you will see Skip button(Click it). After that the Initial Wizard will not appear.

    Charlie

Security Highlight