No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

All traffic on all of the firewall interfaces was discarded in USG5120

Publication Date:  2014-09-29 Views:  11 Downloads:  0
Issue Description
The USG is discarding all traffic on all of is interfaces. We cannot access to the Trust, DMZ and Untrust Zone configured on specified interfaces.
This problem has happen several time.
This USG is on our HQ site and when this problem appear all of ours serveur (mail, application server,etc…) are unreachable.
Alarm Information
No
Handling Process
1. Observing the pilot lamp status, especially the SYS ACT, ALM,ACT. If these was anything wrong
It will be done. But usually when this problem appear the led are still green with no alarm status


2. Testing the local network, whether the host can ping it’s gateway ip address when lose connection with internet.
When loosing such connection, all the local network cannot reach the gateway because our gateway is the USG. It mean that the we loose everything. 


3. Using console to login on the device, use ping command to test the connection to the inside and outside remote


4. Check the output of display diagnostic information
[USG]display  memory                                                                                                                                                                                  
*****************************************************************************                                                  
Block Memory Status                                                                                                               
Block Size    32        Free   268      Used  115796    Total  116064                                                              
Block Size    64        Free   428      Used  129282    Total  129710                                                             
Block Size   128        Free   433      Used    4182    Total    4615                                                              
…                                                         
Block Size  4096        Free    23      Used    1087    Total    1110                                                             
-----------------------------Summary--------------------------------                                                              
Used(Byte)54570320      Free 23039      Used  292060    Total  315099                                                             
Memory total used size: 54570320        Used Ratio For Memory : 72%                                                               
Dos Memory Status                                                                                                                 
Memory Usage:                                                                                                                   
Block Size > 4096       Free      42    Used    1161    Total    1203                                                             
-----------------------------Summary--------------------------------                                                              
Used(Byte)159819744     Free    42      Used    1161    Total    1203                                                             
Memory total used size: 159819744       Used Ratio For Memory : 62%                                                             
Memory Can Alloc Largest Size: 91205128                                                                                           
Memory Usage                                                                                                                      
Total Size: 337533712, Free Size: 122371052, Usage: 63%                                                                            
*****************************************************************************                                                     
Smbuf usage:                                                                                                                       
Total smbuf amount is :  6144                                                                                                     

Allocated smbuf amount is :  2068, free smbuf amount is : 4076                                                                     
Smbuf usage is :  33%    [SMBUF memory usage]                             
                                                                            
Total GMAC0 smbuf amount is  :    7510                                                                                             
Allocated GMAC0 smbuf amount is :  119                                                                                            
Smbuf GMAC0 usage is :  1%                                                                                                        
********************************************************************                                                              
Sos memory usage:                                                                                                                  
Total sos memory is 201326592 (192MB)                                                                                             
Used sos memory is 121919744 (116MB)                                                                                               
The sos memory usage is 60%                                                                                                    
********************************************************************                                                              
App memory usage:                                                                                                                
Total app static memory: 190548640                                                                                                
Allocated app static memory: 704                                                                                                  
App static memory usage: 0%            



4. Check the configuration file --- run the display current-configuration | include av command to check whether an AV policy is configured

[USG] display  current-configuration  | include av                                                                                
  policy av av_policy_name 


[USG]display av  global-configuration                                                                                               
Global configuration information about Anti-Virus                                                                                 
------------------------------------------------------------                                                                       
 
Anti-Virus global switch : Enable [AV is enabled].                                                                                               
  Scan level               : 3                                                                                                     
  Max decompressable layer : 10                                       
                                                            
------------------------------------------------------------ 


Root Cause
The reason of this problem was located.

In version V300R001C00SPCa00 if the anti-virtus function runs, it may cause smbuf leak, then the firewall would stop all the traffic.
Solution
1- On the site where the AV function is not required on the firewall, run the following command to disable the function:
[USG]undo av enable

2- To use the AV function, use V300R001C10SPC200.
Updating the USG version to the latest can solve the problem. The latest version is V300R001C10SPC200+SPH201 (patch).
Suggestions
No

END