XG Firewall v18 MR-3: Feedback and experiences

Hi, I beleive I do have the same issue. As far as I can tell csc, applog have no unusuall gaps, but syslog has 5hours gap the night before the crash.

RAM was at 60% all the time, but the morning before crash I had CPU spikes to 100% which probably caused the web admin not responding.

Thanks for the reply.  I wasn't sure what I should check next to determine what happened.

CPU and Memory both flat line at the same times of the outage.  Memory had a spike from 52% to 81% at 22:50.  My backup is set to run at Sunday at 00:00 and I did receive the backup in an email at 12:02 am.

app.log has a gap 

Nov 01 22:45:10 Checking new IPs of fqdn for mta
Nov 02 11:13:20 prepare_virtual_app_setup: Syncing network interface.

csc.log has a gap

MESSAGE Nov 01 22:45:29 [worker:16734]: {"request":{"method":"nopcode","name":"u2d_dr_installer","version":"1.2","type":"text","length":0}}
mount: /_conf/csc: Invalid argument
MESSAGE Nov 02 11:13:15 [csc:992]: Restricted context is initialized successfully

networkd.log has nothing?

INFO ; Oct 27 09:28:43 ; ADMIN ; ND_MAIN ; sending reply: -1;
ERROR ; Nov 02 11:14:47 ; ADMIN ; ND_MAIN ; string is null;

syslog has a gap

Nov 2 23:59:03 (none) user.err kernel: [45963.307650] 774:appdev_release:dev open 0
Nov 3 00:00:04 (none) user.err kernel: [46024.515571] 729:appdev_open:dev open 0 1f

Check the vpnlog.log for any weird lines,  I have the filling, that the issue is vpn related, same as first release

• NC-56732 [Firewall] Kernel panic after update to 18.0 GA due to SSLVPN.

Unfortunately, that is empty.  I don't use SSLVPN.  

i updated to SFOS 18.0.3 MR-3 overnight...and snmp is broken. i've seen other posts where folks are complaining about this as well. i downloaded the zip file that has the v17 and v18 mibs and what's in the v18 file is nice but not at all helpful. can we expect a v18 file that includes v17 mibs?

I upgraded and had to disable the application filtering on my main outbound ACL. When active all our internet connectivity was too slow to work. This was on 8 XG's on the new code.

Hello Ben,

Thank you for what about the Graphs, do you see any GAP in there?

Regards,

Hi folks,

I had to rebuild my main firewall because I locked up the old one with a bad firewall rule configuration and could not access it. While most connected devices continued to function correctly a couple would not connect 

In the interim I had been using a J1900 unit upgraded from v17.514 .mr14 (to v18.0.3 sig) without any user performance issues, GUI is just plain slow.

Now having built a unit based on the v18.0.3 MR3 ISO and restored from a backup to a working version I am finding the throughput for speed testing is the same as before, but the user experience when web surfing is very slow very slow and I cannot see any logical reason for this? I have restarted the main XG a couple of times

I will put the j1900 back online to see if I am imaging the issue.

Ian

Immediately after posting this nasty comment, the XG performance improved like somebody threw a go fast switch.

Hello Martin,

Thank you for the information.

I have sent you a PM.

Regards,

Its a flat line at what looks to be zero so no gaps.