SMA 210 GeO/IP Botnet Status Filter Database Automatic Synch Fails
CFBITSolutions
Newbie ✭
We have a number of SMAs that we have active Licenses for the GeoIP and Botnet filters.
The only trouble is that some of them won't do the automatic synchronisation of the databases. So when we go on and click check for updates it then comes up synch failed. Then if we click off the page and then go back the status has then updated.
The error that is showing up in the logs is below and I can't seem to find anything online to explain this issue.
Message - fd is 8f70788, errno is 2
Has anyone else come across this issue.
We have checked networking and can confirm that the internal DNS is used as Primary and the Google DNS is secondary.
Any Help with this will be appreciated.
Best Answer
-
CORRECT ANSWER
BWC
Cybersecurity Overlord ✭✭✭
@CFBITSolutions I can't recall what the error message was when I had constant trouble getting updates for GeoIP and Botnet, but do you have USA on your blocklist? This causes a lot of trouble for me because iptables isn't don't proper internally.
My battle is documented over here, but it does not seem identical to your problem, because errno 2 usually means that a file cannot be found.
--Michael@BWC
1
Answers
Thank you for your comment.
Going alongside this we added a botnet filter policy to allow the IP's for both smagbdata.global.sonicwall.com and geoipdata.global.sonicwall.com to allow give the device and reboot and this has now resolved the issue.
You would have though being built for this reason that the GeoIP would not block its own ips.
Thanks so much for the TIP.