App watch dog recover sshipsecpm dead

Remon
Remon Posts: 6  Freshman Member
First Comment Friend Collector Fifth Anniversary

Hello, i have this problem today with 3 security appliances. What can i do to stop this problem. Because all my VPN connections disconnects.

I hope someone has the solution for me

USG Flex 700 with the latest firmware

«134

All Replies

  • Cyrill_U
    Cyrill_U Posts: 3
    First Comment

    I have the same. Log message "App watch dog recover sshipsecpm dead" - and all incoming l2tp are falling down. At least two devices confirmed - ATP500 [V5.36(ABFU.1)] and Zywall 110 [V4.73(AAAA.1)]. Fix urgently needed.

  • Cyrill_U
    Cyrill_U Posts: 3
    First Comment
    edited May 2023

    I must admit things got lil bit more stable after blocking out traffic [Any to ZyWall] from some definitely unwanted geo destinations like Asia and Africa.

  • SStep
    SStep Posts: 2
    First Comment

    Faced the same problem.

    Zywall 310, 110

  • ZdenekB
    ZdenekB Posts: 8  Freshman Member
    First Comment Sixth Anniversary

    Hello,

    same problem ZyWALL 110

  • Ludovic_D
    Ludovic_D Posts: 2
    First Comment

    Same problem here on a Zywall E310 !

  • StefanZ
    StefanZ Posts: 202  Master Member
    First Comment First Answer Friend Collector Community MVP

    Not sure if it is related, but I recently got two instances of some asian IPs establishing more than 1000 connections (unclear how) and my FLEX50 rejected any additional connections from them.

    As for the VPN ports:
    I added rules for those ports to only accept certain countries as clients.

    This sure ain't perfect security, but it keeps out 90% of the requests that surely are fake/malicious. Especially on a level of "IP1 scans possible VPN Servers that answer on Port UDP500 and later IPs2-200 try to bruteforce your appliance over the cause of 3 weeks".

    Obviously your clients will have to announce regional changes in advance, so you open up geolocations for them to connect from.

  • Zyxel_Tobias
    Zyxel_Tobias Posts: 200  Zyxel Employee
    5 Answers First Comment Friend Collector Sixth Anniversary

    Hi!

    We are aware of the issue and we are working on a fix. Next update in around 1h.

    Thanks.

    Tobias

  • Unfiniti
    Unfiniti Posts: 3
    First Comment Friend Collector

    Following the incident that occurred this morning, we would like to provide our feedback. Several of our clients experienced a loss of VPN connection. The issue had various consequences for the clients, including incorrect password for the graphical interface, slow graphical interface performance, and VPN unavailability. In order to resolve these issues for all clients, we recommend performing a software update on the Zyxel device and restarting it.

  • LucaPapaleo
    LucaPapaleo Posts: 13  Freshman Member
    Network Detective-New Adventure Badge First Comment Seventh Anniversary

    I can confirm, with geo-ip filtering no problem at the moment

    Luca

  • Remon
    Remon Posts: 6  Freshman Member
    First Comment Friend Collector Fifth Anniversary

    Hello Tobias, i had you on the phone this morning your workaround is now the solution for my problems.

Security Highlight