Thread Info
  • State Verified Answer
  • +3 person also asked this people also asked this
  • Locked Locked
  • Replies 10 replies
  • Subscribers 32 subscribers
  • Views 24309 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Unable to update Samsung phone behind xg

Moeller

Hi

 

Just found out that for some reason phone updates are not allowed, have tried stopping the IPS service so see if that makes any difference.

But the download gets to 100% and an error pops up, the downloaded file is invalid.

Cant find anything in any logs.

 

Thanks



This thread was automatically locked due to age.
Parents
  • 0

    If you can't find anything in any logs, then you have to enable logging on the respective Firewall Policies.

    Do you use webfilter for instance?

  • 0 in reply to HuberChristian

    Hi

    I only block malware sites and newly created domains via webfilter.

  • 0 in reply to Moeller

    Moeller,

    use drop-packet-capture "host x.x.x.x" where x.x.x.x is your mobile ip.

    From there you should understand the reason why traffic is blocked.

    Regards

  • 0 in reply to lferrara

    Hi Moeller , 

    Best practice to determine if its an issue with the firewall or not simply creates a plain rule for your mobile MAC address or Host address and user the same policy, disable https scanning or malware scanning and check the drop packets for your mobile. As per Luks suggestion run the tcpdump for your mobile and a drop packet capture for the same 

    Command console> tcpdump 'host <Mobile host address > 

    Command console > drop 'host <Mobile of host address> and not port 137 and not port 53

    Post both outputs when the issue is recreated. Remove the policy by changing to none for a single MAC/Host address of the mobile and check again. 

  • 0 in reply to Aditya Patel

    The phone got updated outside the network, tried with another Samsung model, but couldn't replicate the issue.

    Thanks anyway

  • 0 in reply to Aditya Patel

    Hi Aditya

    Have justed looked though the logs again, and it looks like it was blocked as malware

     

    URL: http://fota-s3-dn.ospserver.net/firmware/NEE/SM-G930F/10629b

     

     

  • +4 in reply to Moeller

    Hello

     

    I personally also use for Samsung (in general) following compressed exceptions...I build/optimized it a while ago from all my various Samsung rules across time. As I use various galaxy devices, Samsung Smart TV's and Samsung wash dryer (Smart Things), the rules might contain some additional webservices not used for Galaxy Updates. I think the first three exceptions should already work for Samsung Galaxy Store and OTA updates, the SmartThings and other exceptions surely might become useful in the future maybe ? ;o))

     

    ^([A-Za-z0-9.-]*\.)?samsung(rm|apps|cloud|dm|osp|otn|iotcloud)?\.(com|net)?\/
    ^samsappsbn\.vo\.llnwd\.net\/
    ^([A-Za-z0-9.-]*\.)?ospserver\.net\/
    ^([A-Za-z0-9.-]*\.)?api\.smartthings\.com\/

    Excluded from HTTPS scanning, AV and Sandstorm

     

    If it's still blocking, also check IPS and AppControl LOg for possible false positives/blocks too...

     

    Hope that helps

     

    BTW: Why a OTA should be blocked as Malware ? Usually a OTA is a 3 to 4 digit MB download and exceeds the common scansize of 20...50MB and is therefor not scanned or sandboxed by XG anyway? Or is it blocked as malcious url ?

     

    /Sascha

  • 0 in reply to SaschaParis

    Hi Sascha

     

    Looks like the first two was enough.

    Just updated some apps and will try the first to see if that would do the trick alone.

    Thanks

     

     

     

    /Moeller

Reply Children
No Data