Reset firewall

LeviPonti Posts: 30  Freshman Member
I have a big problem: I manage a network with 310 computers, and for some time, especially at the beginning of work, the USG210 firewall often crashes, and the only solution is to remove the power supply and restart it. What can it be?

All Replies

  • Zyxel_Jeff Posts: 1,083  Zyxel Employee

    Hi @LeviPonti 

    May I know what the specific symptom of the USG210 crash is? Did it reboot by itself? Or can you not log in to the device Web-GUI? How often does this symptom occur? Is it a random symptom in your environment? What firmware version are you using now? Besides, we suggest you type the command "debug kernel console-level 8" to enable kernel-debug-level 8 and keep collecting the console log with timestamps from the USG210, then provide the console log and remote Web-GUI link to us via private message. The historical console log can help us clarify the situation. I will send you a private message about how to configure remote Web-GUI for Zyxel HQ. Thanks.

  • LeviPonti Posts: 30  Freshman Member
    There are no symptoms. At some point you can't ping the firewall anymore. The firmware version is: 4.72 (AAPI.0)
    These are the log lines. As you can see, it works until 8.25; then I had to disconnect the power and restart it.
    
    2022-10-03 08:25:31,192.168.9.33:59885                              ,104.77.185.58:443                               ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,tcp                  ,     priority:14, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:25:31,192.168.9.39:52796                              ,34.104.35.123:80                                ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,tcp                  ,     priority:14, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:25:31,192.168.9.23:54693                              ,8.8.8.8:53                                      ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,udp                  ,     priority:10, from LAN1 to WAN, UDP, service others, ACCEPT
    2022-10-03 08:25:31,192.168.12.6:51410                              ,8.8.8.8:53                                      ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,udp                  ,     priority:10, from LAN1 to WAN, UDP, service others, ACCEPT
    2022-10-03 08:25:31,192.168.12.6:54578                              ,20.40.136.238:443                               ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,tcp                  ,     priority:13, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:25:31,192.168.9.29:63935                              ,8.8.8.8:53                                      ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,udp                  ,     priority:10, from LAN1 to WAN, UDP, service others, ACCEPT
    2022-10-03 08:25:31,192.168.9.29:63032                              ,13.107.4.52:80                                  ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,tcp                  ,     priority:14, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:25:31,192.168.99.195:59470                            ,220.95.41.179:43514                             ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,tcp                  ,     priority:8, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:25:31,192.168.9.18:60344                              ,209.197.3.8:80                                  ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,tcp                  ,     priority:14, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:25:32,192.168.9.36:51757                              ,13.107.4.52:80                                  ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,tcp                  ,     priority:14, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:25:32,192.168.9.39:52797                              ,13.107.4.52:80                                  ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,tcp                  ,     priority:14, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:25:32,192.168.9.110:52791                             ,8.8.8.8:53                                      ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,udp                  ,     priority:10, from LAN1 to WAN, UDP, service others, ACCEPT
    2022-10-03 08:25:32,192.168.99.195:30418                            ,34.94.213.23:6969                               ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,udp                  ,     priority:8, from LAN1 to WAN, UDP, service others, ACCEPT
    2022-10-03 08:25:32,192.168.99.195:59471                            ,202.86.124.159:33347                            ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,tcp                  ,     priority:8, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:25:32,192.168.9.32:59284                              ,104.77.185.24:443                               ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,tcp                  ,     priority:14, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:25:32,192.168.9.20:62692                              ,8.8.8.8:53                                      ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,udp                  ,     priority:10, from LAN1 to WAN, UDP, service others, ACCEPT
    2022-10-03 08:25:32,192.168.9.20:50662                              ,13.107.4.52:80                                  ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,tcp                  ,     priority:14, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:25:32,192.168.9.32:59285                              ,104.77.185.24:443                               ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,tcp                  ,     priority:14, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:25:32,192.168.9.14:58675                              ,13.107.4.52:80                                  ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,tcp                  ,     priority:14, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:25:32,192.168.9.15:61822                              ,13.107.4.52:80                                  ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,tcp                  ,     priority:14, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:25:32,192.168.9.31:53604                              ,13.107.4.52:80                                  ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan2                  ,tcp                  ,     priority:14, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:40:26,                                                ,                                                ,     info               ,sso                   ,CONFIG CHANGE        ,                        ,                      ,                     ,     SSO agent config change
    2022-10-03 08:40:28,                                                ,                                                ,     error              ,myzyxel-dot-com       ,                     ,                        ,                      ,                     ,     Connection error has occurred.
    2022-10-03 08:40:32,                                                ,                                                ,     alert              ,system                ,                     ,                        ,                      ,                     ,     Port 4 is up!
    2022-10-03 08:40:32,                                                ,                                                ,     alert              ,system                ,                     ,                        ,                      ,                     ,     Port 1 is up!
    2022-10-03 08:40:32,                                                ,                                                ,     alert              ,system                ,                     ,                        ,                      ,                     ,     Port 2 is up!
    2022-10-03 08:40:32,                                                ,                                                ,     info               ,policy-route          ,INTERFACE ALIVE      ,                        ,                      ,                     ,     Interface lan1 alive, related policy route rules will be re-enabled.
    2022-10-03 08:40:32,                                                ,                                                ,     info               ,policy-route          ,INTERFACE ALIVE      ,                        ,                      ,                     ,     Interface lan1 alive, related policy route rules will be re-enabled.
    2022-10-03 08:40:32,                                                ,                                                ,     info               ,policy-route          ,INTERFACE ALIVE      ,                        ,                      ,                     ,     Interface lan1 alive, related policy route rules will be re-enabled.
    2022-10-03 08:40:36,192.168.12.6:62047                              ,8.8.8.8:53                                      ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan1                  ,udp                  ,     priority:10, from LAN1 to WAN, UDP, service others, ACCEPT
    2022-10-03 08:40:36,192.168.99.195:60345                            ,45.154.253.5:80                                 ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan1                  ,tcp                  ,     priority:8, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:40:36,192.168.99.14:48759                             ,142.251.209.10:443                              ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan1                  ,tcp                  ,     priority:8, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:40:36,192.168.99.14:44625                             ,149.154.167.91:443                              ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan1                  ,tcp                  ,     priority:8, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:40:36,192.168.99.14:42412                             ,142.251.209.42:443                              ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan1                  ,tcp                  ,     priority:8, from LAN1 to WAN, TCP, service others, ACCEPT
    2022-10-03 08:40:36,192.168.1.99:55604                              ,8.8.4.4:53                                      ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan1                  ,udp                  ,     priority:10, from LAN1 to WAN, UDP, service others, ACCEPT
    2022-10-03 08:40:36,192.168.8.3:64556                               ,8.8.8.8:53                                      ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan1                  ,udp                  ,     priority:10, from LAN1 to WAN, UDP, service others, ACCEPT
    2022-10-03 08:40:36,192.168.99.195:60344                            ,107.152.127.9:6969                              ,     notice             ,secure-policy         ,ACCESS FORWARD       ,     lan1               ,wan1                  ,t
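
An added example, not part of the original thread and not Zyxel code: Python that parses records in the column layout of the log posted above, finds the window where logging stopped, and counts sessions per source IP just before it. The sample records and addresses are constructed, and the field names and two-minute threshold are assumptions.

```python
from collections import Counter
from datetime import datetime, timedelta

# Constructed records in the column layout of the posted log; addresses are
# documentation ranges. The last record is cut off, like the posted one.
SAMPLE = """\
2022-10-03 08:25:31,192.0.2.33:59885   ,198.51.100.58:443  ,  notice ,secure-policy ,ACCESS FORWARD ,  lan1 ,wan2 ,tcp ,  priority:14, from LAN1 to WAN, TCP, service others, ACCEPT
2022-10-03 08:25:31,192.0.2.195:59470  ,203.0.113.179:43514,  notice ,secure-policy ,ACCESS FORWARD ,  lan1 ,wan2 ,tcp ,  priority:8, from LAN1 to WAN, TCP, service others, ACCEPT
2022-10-03 08:25:32,192.0.2.195:30418  ,203.0.113.23:6969  ,  notice ,secure-policy ,ACCESS FORWARD ,  lan1 ,wan2 ,udp ,  priority:8, from LAN1 to WAN, UDP, service others, ACCEPT
2022-10-03 08:25:32,192.0.2.195:59471  ,203.0.113.159:33347,  notice ,secure-policy ,ACCESS FORWARD ,  lan1 ,wan2 ,tcp ,  priority:8, from LAN1 to WAN, TCP, service others, ACCEPT
2022-10-03 08:40:26,                   ,                   ,  info   ,sso           ,CONFIG CHANGE  ,       ,     ,    ,  SSO agent config change
2022-10-03 08:40:32,                   ,                   ,  alert  ,system        ,               ,       ,     ,    ,  Port 1 is up!
2022-10-03 08:40:36,192.0.2.195:60344  ,203.0.113.9:6969   ,  notice ,secure-policy ,ACCESS FORWARD ,  lan1 ,wan1 ,t
"""
FIELDS = ("time", "src", "dst", "level", "category", "note",
          "in_if", "out_if", "proto", "message")  # assumed column names

def parse_line(line):
    """Parse one record; None if truncated. The message holds commas, so cap the split."""
    parts = [p.strip() for p in line.split(",", len(FIELDS) - 1)]
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    try:
        rec["time"] = datetime.strptime(rec["time"], "%Y-%m-%d %H:%M:%S")
    except ValueError:
        return None
    return rec

def load(text):
    return [r for r in map(parse_line, text.splitlines()) if r]

def find_gaps(records, threshold=timedelta(minutes=2)):
    """(last record before, first record after) for each silent period."""
    return [(a["time"], b["time"]) for a, b in zip(records, records[1:])
            if b["time"] - a["time"] > threshold]

def top_sources(records, end, window=timedelta(seconds=60), n=3):
    """Sessions per source IP logged in the window ending at `end`."""
    hits = Counter(r["src"].rsplit(":", 1)[0] for r in records
                   if r["src"] and end - window <= r["time"] <= end)
    return hits.most_common(n)

if __name__ == "__main__":
    records = load(SAMPLE)
    for start, end in find_gaps(records):
        print(f"no records from {start} to {end} ({end - start})")
        print("busiest sources before the gap:", top_sources(records, start))
```

Run against a full export, the per-source counts before each gap show whether a few hosts account for most of the sessions, which is the load the per-IP HTTP connection limit suggested later in the thread is meant to cap.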
    
  • Zyxel_Jeff Posts: 1,083  Zyxel Employee
    Please prepare a PC with Teraterm and type the command "debug kernel console-level 8" to keep collecting the complete console log with the timestamp until the next time this issue occurs again. The kernel-debug-level 8 console log can help us do more clarification.

    Besides, is there any CLI response on the console while this issue is occurring? If so, please enter the CLI "diaginfo collect ac" and wait a few minutes (about 3~5 mins) to collect the diag-info for us. You can enter the CLI "show diaginfo collect ac status" to check whether the diaginfo file has already been collected. Thanks.
  • Zyxel_Jeff Posts: 1,083  Zyxel Employee
    Besides, I am not sure if you already use the web-auth feature on the USG210. To reduce the HTTP-related session pressure on the USG210, you could restrict the max HTTP session number per IP via the CLI below:
    Router> configure terminal
    Router(config)# ip http max-connection-per-ip 10
    Router(config)# write
    Router(config)# exit
    We suggest you enter the CLIs and monitor your device for a few days.
    Maybe it's helpful to you, thanks.
  • LeviPonti Posts: 30  Freshman Member
    I have SSO authentication, and I have now typed the commands you suggested (ip http max-connection-per-ip 10). Now I will monitor the situation. If needed, how can I go back?
    Thanks
  • LeviPonti Posts: 30  Freshman Member
    It happened that in a subnet of 30 PCs they were doing a test and navigation was blocked, but I could still ping the firewall. After diverting that subnet to another firewall, navigation restarted.
    The subnet in question has finished testing and everything is back to normal.
  • Zyxel_Jeff Posts: 1,083  Zyxel Employee
    LeviPonti said:
    I have SSO authentication, and I have now typed the commands you suggested (ip http max-connection-per-ip 10). Now I will monitor the situation. If needed, how can I go back?
    Thanks
    Hi @LeviPonti

    You can enter the CLIs below to restore the previous setting (it means no http max-connection-per-ip limit):
    Router> configure terminal
    Router(config)# no ip http max-connection-per-ip 
    Router(config)# write
    Router(config)# exit
    Thanks.
