Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 14 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 2454 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG blocking all HTTP after reboot, no entries in the logs to diagnose

IT Support166

XG330 (SFOS 17.5.12 MR-12) 

Since firewall reboot last night our XG is now blocking all HTTP sites and displaying the following page. We have not made any changes to any rules, and the HTTPS version of the site works fine.

More critically, there are no entries in the log viewer for these blocks to help diagnose which area of the XG is causing this block.



This thread was automatically locked due to age.
Parents
  • 0

    Check your Pattern.

     Seems like your pattern are broken.

    Check /log/u2d.log

  • 0 in reply to LuCar Toni

    Looks to be FATAL : Error in parsing response, exiting. on both the Firmware and Patterns updates:

    Extract from u2d.log with Serial and DeviceID redacted:

    DEBUG Oct 21 12:24:06 [2654]: --serial = [redacted]
    DEBUG Oct 21 12:24:06 [2654]: --deviceid = [redacted]
    DEBUG Oct 21 12:24:06 [2654]: --fwversion = 17.5.12.664
    DEBUG Oct 21 12:24:06 [2654]: --productcode = CN
    DEBUG Oct 21 12:24:06 [2654]: --model = XG330
    DEBUG Oct 21 12:24:06 [2654]: --vendor = WP02
    DEBUG Oct 21 12:24:06 [2654]: --sfmversion = --oem
    DEBUG Oct 21 12:24:06 [2654]: Added new server : Host - , Port - 8443
    DEBUG Oct 21 12:24:06 [2654]: Final query string is :
    ?&serialkey=[REDACTED]&deviceid=[REDACTED]&fwversion=17.5.12.664&productcode=CN&appmodel=XG330&appvendor=WP02&useragent=SF&oem=&sfmversion=--oem
    DEBUG Oct 21 12:24:06 [2654]: Response code : 0
    DEBUG Oct 21 12:24:06 [2654]: Response body :

    DEBUG Oct 21 12:24:06 [2654]: Response length : 0
    ERROR Oct 21 12:24:06 [2654]: Response not parsed successfully.
    ERROR Oct 21 12:24:06 [2654]: FATAL : Error in parsing response, exiting.
    DEBUG Oct 21 12:24:16 [3041]: --serial = [redacted]
    DEBUG Oct 21 12:24:16 [3041]: --deviceid = [redacted]
    DEBUG Oct 21 12:24:16 [3041]: --fwversion = 17.5.12.664
    DEBUG Oct 21 12:24:16 [3041]: --productcode = CN
    DEBUG Oct 21 12:24:16 [3041]: --model = XG330
    DEBUG Oct 21 12:24:16 [3041]: --vendor = WP02
    DEBUG Oct 21 12:24:16 [3041]: --pkg_ips_version = 9.17.14
    DEBUG Oct 21 12:24:16 [3041]: --pkg_ips_cv = 14.0
    DEBUG Oct 21 12:24:16 [3041]: --pkg_atp_version = 1.0.0302
    DEBUG Oct 21 12:24:16 [3041]: --pkg_atp_cv = 1.00
    DEBUG Oct 21 12:24:16 [3041]: --pkg_savi_version = 1.0.0
    DEBUG Oct 21 12:24:16 [3041]: --pkg_savi_cv = 1.00
    DEBUG Oct 21 12:24:16 [3041]: --pkg_avira_version = 1.0.0
    DEBUG Oct 21 12:24:16 [3041]: --pkg_avira_cv = 4.00
    DEBUG Oct 21 12:24:16 [3041]: --pkg_apfw_version = 11.0.012
    DEBUG Oct 21 12:24:16 [3041]: --pkg_apfw_cv = 1.00
    DEBUG Oct 21 12:24:16 [3041]: --pkg_waf_version = 1.0.0006
    DEBUG Oct 21 12:24:16 [3041]: --pkg_waf_cv = 1.00
    DEBUG Oct 21 12:24:16 [3041]: --pkg_sslvpn_version = 1.0.007
    DEBUG Oct 21 12:24:16 [3041]: --pkg_sslvpn_cv = 1.00
    DEBUG Oct 21 12:24:16 [3041]: --pkg_ipsec_version = 1.4.001
    DEBUG Oct 21 12:24:16 [3041]: --pkg_ipsec_cv = 1.00
    DEBUG Oct 21 12:24:16 [3041]: --pkg_clientauth_version = 1.0.0019
    DEBUG Oct 21 12:24:16 [3041]: --pkg_clientauth_cv = 2.00
    DEBUG Oct 21 12:24:16 [3041]: --pkg_redfw_version = 3.0.000
    DEBUG Oct 21 12:24:16 [3041]: --pkg_redfw_cv = 2.00
    DEBUG Oct 21 12:24:16 [3041]: --sfmversion = --oem
    DEBUG Oct 21 12:24:16 [3041]: Added new server : Host - , Port - 8443
    DEBUG Oct 21 12:24:16 [3041]: Final query string is :
    ?&serialkey=[REDACTED]&deviceid=[REDACTED]&fwversion=17.5.12.664&productcode=CN&appmodel=XG330&appvendor=WP02&useragent=SF&oem=&pkg_ips_version=9.17.14&pkg_ips_cv=14.0&pkg_atp_version=1.0.0302&pkg_atp_cv=1.00&pkg_savi_version=1.0.0&pkg_savi_patch=2&pkg_savi_cv=1.00&pkg_avira_version=1.0.0&pkg_avira_patch=2&pkg_avira_cv=4.00&pkg_clientauth_version=1.0.0019&pkg_clientauth_cv=2.00&pkg_apfw_version=11.0.012&pkg_apfw_cv=1.00&pkg_redfw_version=3.0.000&pkg_redfw_cv=2.00&pkg_waf_version=1.0.0006&pkg_waf_cv=1.00&pkg_sslvpn_version=1.0.007&pkg_sslvpn_cv=1.00&pkg_ipsec_version=1.4.001&pkg_ipsec_cv=1.00&sfmversion=--oem
    DEBUG Oct 21 12:24:16 [3041]: Response code : 0
    DEBUG Oct 21 12:24:16 [3041]: Response body :

    DEBUG Oct 21 12:24:16 [3041]: Response length : 0
    ERROR Oct 21 12:24:16 [3041]: Response not parsed successfully.
    ERROR Oct 21 12:24:16 [3041]: FATAL : Error in parsing response, exiting.

  • 0 in reply to IT Support166

    The problem seems to be the "empty" body. 

    We are sending this "final query" to the backend server to get the current version.

    But you get back: 

    DEBUG Oct 21 12:24:16 [3041]: Response body :

    Which indicates, the response is empty.

    Did you redact the following line: DEBUG Oct 21 12:24:16 [3041]: Added new server : Host - , Port - 8443

    And why is there a parent proxy port? 

    Do you use parent proxy? if not please try to set one and empty the configuration. 

  • 0 in reply to IT Support166

    Hi : Please share support case ID for firmware check fails issue for my reference. 

  • 0 in reply to LuCar Toni

    That line wasn't redacted, verbatim from the log file:

    DEBUG Oct 21 12:24:16 [3041]: Added new server : Host - , Port - 8443

    We don't use a parent proxy. The setting in Routing > Upstream Proxy was not enabled but did include a port number. I've emptied the config there and saved. Still fails on the Firmware and Pattern updates:

  • 0 in reply to Vishal_R

    Check for Firmware Update error: Case ID is: 03252846

  • 0 in reply to Vishal_R

    Also Case ID for Sophos Central Management is: 03255107

Reply Children
No Data