Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 14 replies
  • Answers 1 answer
  • Subscribers 39 subscribers
  • Views 2957 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG blocking all HTTP after reboot, no entries in the logs to diagnose

IT Support166

XG330 (SFOS 17.5.12 MR-12) 

Since firewall reboot last night our XG is now blocking all HTTP sites and displaying the following page. We have not made any changes to any rules, and the HTTPS version of the site works fine.

More critically, there are no entries in the log viewer for these blocks to help diagnose which area of the XG is causing this block.



This thread was automatically locked due to age.
Parents
  • 0

    Check your Pattern.

     Seems like your pattern are broken.

    Check /log/u2d.log

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Looks to be FATAL : Error in parsing response, exiting. on both the Firmware and Patterns updates:

    Extract from u2d.log with Serial and DeviceID redacted:

    DEBUG Oct 21 12:24:06 [2654]: --serial = [redacted]
    DEBUG Oct 21 12:24:06 [2654]: --deviceid = [redacted]
    DEBUG Oct 21 12:24:06 [2654]: --fwversion = 17.5.12.664
    DEBUG Oct 21 12:24:06 [2654]: --productcode = CN
    DEBUG Oct 21 12:24:06 [2654]: --model = XG330
    DEBUG Oct 21 12:24:06 [2654]: --vendor = WP02
    DEBUG Oct 21 12:24:06 [2654]: --sfmversion = --oem
    DEBUG Oct 21 12:24:06 [2654]: Added new server : Host - , Port - 8443
    DEBUG Oct 21 12:24:06 [2654]: Final query string is :
    ?&serialkey=[REDACTED]&deviceid=[REDACTED]&fwversion=17.5.12.664&productcode=CN&appmodel=XG330&appvendor=WP02&useragent=SF&oem=&sfmversion=--oem
    DEBUG Oct 21 12:24:06 [2654]: Response code : 0
    DEBUG Oct 21 12:24:06 [2654]: Response body :

    DEBUG Oct 21 12:24:06 [2654]: Response length : 0
    ERROR Oct 21 12:24:06 [2654]: Response not parsed successfully.
    ERROR Oct 21 12:24:06 [2654]: FATAL : Error in parsing response, exiting.
    DEBUG Oct 21 12:24:16 [3041]: --serial = [redacted]
    DEBUG Oct 21 12:24:16 [3041]: --deviceid = [redacted]
    DEBUG Oct 21 12:24:16 [3041]: --fwversion = 17.5.12.664
    DEBUG Oct 21 12:24:16 [3041]: --productcode = CN
    DEBUG Oct 21 12:24:16 [3041]: --model = XG330
    DEBUG Oct 21 12:24:16 [3041]: --vendor = WP02
    DEBUG Oct 21 12:24:16 [3041]: --pkg_ips_version = 9.17.14
    DEBUG Oct 21 12:24:16 [3041]: --pkg_ips_cv = 14.0
    DEBUG Oct 21 12:24:16 [3041]: --pkg_atp_version = 1.0.0302
    DEBUG Oct 21 12:24:16 [3041]: --pkg_atp_cv = 1.00
    DEBUG Oct 21 12:24:16 [3041]: --pkg_savi_version = 1.0.0
    DEBUG Oct 21 12:24:16 [3041]: --pkg_savi_cv = 1.00
    DEBUG Oct 21 12:24:16 [3041]: --pkg_avira_version = 1.0.0
    DEBUG Oct 21 12:24:16 [3041]: --pkg_avira_cv = 4.00
    DEBUG Oct 21 12:24:16 [3041]: --pkg_apfw_version = 11.0.012
    DEBUG Oct 21 12:24:16 [3041]: --pkg_apfw_cv = 1.00
    DEBUG Oct 21 12:24:16 [3041]: --pkg_waf_version = 1.0.0006
    DEBUG Oct 21 12:24:16 [3041]: --pkg_waf_cv = 1.00
    DEBUG Oct 21 12:24:16 [3041]: --pkg_sslvpn_version = 1.0.007
    DEBUG Oct 21 12:24:16 [3041]: --pkg_sslvpn_cv = 1.00
    DEBUG Oct 21 12:24:16 [3041]: --pkg_ipsec_version = 1.4.001
    DEBUG Oct 21 12:24:16 [3041]: --pkg_ipsec_cv = 1.00
    DEBUG Oct 21 12:24:16 [3041]: --pkg_clientauth_version = 1.0.0019
    DEBUG Oct 21 12:24:16 [3041]: --pkg_clientauth_cv = 2.00
    DEBUG Oct 21 12:24:16 [3041]: --pkg_redfw_version = 3.0.000
    DEBUG Oct 21 12:24:16 [3041]: --pkg_redfw_cv = 2.00
    DEBUG Oct 21 12:24:16 [3041]: --sfmversion = --oem
    DEBUG Oct 21 12:24:16 [3041]: Added new server : Host - , Port - 8443
    DEBUG Oct 21 12:24:16 [3041]: Final query string is :
    ?&serialkey=[REDACTED]&deviceid=[REDACTED]&fwversion=17.5.12.664&productcode=CN&appmodel=XG330&appvendor=WP02&useragent=SF&oem=&pkg_ips_version=9.17.14&pkg_ips_cv=14.0&pkg_atp_version=1.0.0302&pkg_atp_cv=1.00&pkg_savi_version=1.0.0&pkg_savi_patch=2&pkg_savi_cv=1.00&pkg_avira_version=1.0.0&pkg_avira_patch=2&pkg_avira_cv=4.00&pkg_clientauth_version=1.0.0019&pkg_clientauth_cv=2.00&pkg_apfw_version=11.0.012&pkg_apfw_cv=1.00&pkg_redfw_version=3.0.000&pkg_redfw_cv=2.00&pkg_waf_version=1.0.0006&pkg_waf_cv=1.00&pkg_sslvpn_version=1.0.007&pkg_sslvpn_cv=1.00&pkg_ipsec_version=1.4.001&pkg_ipsec_cv=1.00&sfmversion=--oem
    DEBUG Oct 21 12:24:16 [3041]: Response code : 0
    DEBUG Oct 21 12:24:16 [3041]: Response body :

    DEBUG Oct 21 12:24:16 [3041]: Response length : 0
    ERROR Oct 21 12:24:16 [3041]: Response not parsed successfully.
    ERROR Oct 21 12:24:16 [3041]: FATAL : Error in parsing response, exiting.

  • 0 in reply to IT Support166

    The problem seems to be the "empty" body. 

    We are sending this "final query" to the backend server to get the current version.

    But you get back: 

    DEBUG Oct 21 12:24:16 [3041]: Response body :

    Which indicates, the response is empty.

    Did you redact the following line: DEBUG Oct 21 12:24:16 [3041]: Added new server : Host - , Port - 8443

    And why is there a parent proxy port? 

    Do you use parent proxy? if not please try to set one and empty the configuration. 

    __________________________________________________________________________________________________________________

  • 0 in reply to IT Support166

    Hi : Please share support case ID for firmware check fails issue for my reference. 

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support
    Sophos Support Videos | Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link.

Reply Children
Unfiltered HTML