Appliance hang & conf lost
SonicAdmin80
Cybersecurity Overlord ✭✭✭
I have a TZ500 that hangs every 2-3 months or so and requires a hard reboot. After the reboot it has usually lost all configuration and settings need to be imported back. Afterwards it again works fine before it eventually happens again.
The unit was already once replaced by support but the problem transferred to the new unit. It's currently running 6.5.3.4 but I have to update it soon to fix the recent vulnerability.
Has anyone seen this? Somehow either the settings must be corrupted, the firmware version is buggy or someone is crashing the unit through SSL-VPN portal perhaps using the recently revealed vulnerability.
This has been quite an annoyance. The unit will be upgraded soon to a TZ670 but I'm afraid the problem might transfer again unless I do all configuration manually from scratch. The TZ500 will be reset and repurposed so hopefully it stops there for that unit.
Best Answer
-
CORRECT ANSWER
preston
All-Knowing Sage ✭✭✭✭
The only time I've seen the units lose their config entirely is due to power surges or faulty power supplies, When you recieved your replacement TZ500 did you also replace the Power supply or just use the exsisting one ?
you will probably find also that the config isn't lost entirely, if you safemode and then boot with current settings it usually puts the settings back.
If you are worried about the config being corrupt export it as a CLI file, you can do this from the online SonicWall migrate tool, then use this link as a guide to re-import
I would recommend just connecting via SSH and copy and paste the sections in one section at a time no more than 50 lines at a time, also you will need to manually go through the Address objects and Address groups as when the CLI exports they are in the wrong order, you need to make sure all the IPv4 and IPv6 Address objects are added before attempting to import the Address object groups, you also need to delete all the lines which start with UUID, and any default rules, there is a lot you can ommit from the file also like logging settings, default Applications rule categories etc....
it will take a lot of time but it will ensure that there is no corruption in the config.
5
Answers
Hello @SonicAdmin80,
There were some reported issues earlier where the DHCP settings and VPN configurations were lost. But, both of them are fixed on the latest release.
Please have a settings backup done and upgrade to 6.5.4.7-83n. After that check if you are running into this issue again.
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
Thanks, I will do that. Any opinion if there's a risk for the problem to transfer to a TZ670 running SonicOS 7?
For me the issue isn't just DHCP and VPN settings, everything is lost like a factory reset. I need to import settings, set the admin password and import SSL certificates and then it's as it was.
@SonicAdmin80,
If this is taking place due to settings corruption, there is a chance that this problem will occur after settings import on TZ 670.
So, if you could confirm after upgrading, that would provide more clarity.
I couldn't find any reported issues where the device goes to factory default settings after a restart.
Thanks!
Shipra Sahu
Technical Support Advisor, Premier Services
Ok. The TZ670 will be in use before I have time to observe if the update fixes the issue, so I guess I'll just see with TZ670 if the problem transfers over or not. I could do the configuration again through CLI but I suspect SonicOS 7 has changed syntax so a simple copy-paste probably won't work.
Hi @SonicAdmin80,
Additionally enable the cloud backup features.
Yes I have, makes restoring the config much easier when it happens.
That's great info. I actually didn't replace the power supply so that could explain it. I'll make sure to replace it when I repurpose the appliance as I have the new one delivered with the replacement unit.
I might do the CLI configuration on the TZ670 as well, but I suspect some manual modification might be required if the syntax has changed in the new OS.