GEO IP update error (firmware V5.37(ABFW.0)
Hello. Can't update GEO IP database on ATP 200 with firmware V5.37(ABFW.0).
Latest Version: 20230728
Current Version: 20230721
When press "Update" - get error "Geo-IP country database version 20230728 download has failed. (failed) at Mon Jul 31 10:28:49 2023"
Help, please.
Accepted Solution
-
make two new rules In routing make them the top rule
incoming ZyWALL
service HTTP/HTTPS
next hop your WAN interface
0
All Replies
-
Hi @a1601
Please provide the remote Web-GUI link to us for further checking. We will send a private message to you later, please check your mail in-box. Thanks.
See how you've made an impact in Zyxel Community this year!
0 -
Hi @a1601
Could you config Domain Zone Forwarder to the public DNS server 8.8.8.8 and try to update Geo-IP DB again? As Below:
We want to check if the root cause is related to DNS resolution for the Geo-IP DB server URL(cdn.cloud.zyxel.com). Thanks.
See how you've made an impact in Zyxel Community this year!
0 -
It did not help. Also fails to connect to the ntp server 0.pool.ntp.org (and 2.pool.ntp.org). Access settings, rules, etc. have not changed since the last successful update.
I see some internal error in the logs.
Ping cdn.cloud.zyxel.com from the local network - sucsessful, but fails from the device.
0 -
If for pinging from the device manually select the "correct" (active) interface WAN1 (two WAN are configured, the second is a backup), then pings from the device is successful. By default (without manual selection) ping goes through an inactive interface. I tried to change DNS settings "Qurey via" from "auto" to the active interface WAN1 - it did not help to update the geoip and time.
0 -
can you test NTP by IP?
0 -
For extrernal IP - Timeout error.
Internal IP (local NTP server) - sucsessful.0 -
Hi @a1601
Once you change to the local NTP server, can you update the Geo-IP database successfully?
See how you've made an impact in Zyxel Community this year!
0 -
Hi,
No. Still the same error as before.
0 -
Do you use SYSTEM_DEFAULT_WAN_TRUNK ?
In routing make this the top rule
incoming ZyWALL
service NTP
next hop your WAN interface
Then test NTP
0 -
No. use "User Configured Trunk" (with two members: wan1 and wan2). For testing switch to System_default.
Created this rule. When in the next hop set WAN1 - NTP check succeeds.
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 146 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight