TZ400 Interesting Behavior
Got a notification around 5:30 AM that the network was down. Went onsite and noticed the firewall appeared to restart, maybe a power glitch, still uncertain exactly what happened. Rebooted the firewall manually by pulling the power, and allowed it to reset. The firewall powered up however all devices on the LAN reported limited Internet access, the reason was DNS was not resolving. For the record, this environment has its own server, PDC configuration. I checked internal DNS and everything checked out. Moved onto the firewall and noticed zero bandwidth, which I thought was strange, there's usually some activity. Checked with the ISP and everything looked good.
I then began troubleshooting the firewall and nothing really stood out of place. I ended up reinstalling the firmware from a backup and it began working fine.
My questions are, what do you think caused this? My thinking is 1. the manual reset caused the firmware to go corrupt, but then why did the firewall begin to act up prior? 2. The firewall is going bad and this is an indication. 3. Maybe the firewall survived a failed attack, which is alarming and I hope this is not the case.
Has anyone seen anything like this before? The firewall is only a couple years old, would like to drill down and understand more why what happened did for the sake of knowledge and so I can prevent it from happening again.
What firmware version are you running? There could be patches in newer firmware versions that resolve the unknown issue.