Customer deploys AntiDDoS with ATIC server (windows operation system), and the whole system works fine. But after rebooting ATIC server, there is no traffic received any more on ATIC. The topology is shown as below:
Here are possible causes for communication issue between AntiDDoS and ATIC server, we have to troubelshoot step by step.
1. AntiDDoS is offline or unreachable. After checking the device status, we found AntiDDoS is still online
2. AntiDDoS is not associated with ATIC collector. After checking the collector, we found it associate with AntiDDoS successfully.
3. ATIC collector is offline. From the step 2, we can see collector is online.
4. Log-server-ip and log-local-ip configuration on AntiDDoS is incorrect. We checked configuration on AntiDDoS, the configuration is correct.
firewall ddos log-local-ip x.x.9.16
firewall ddos log-server-ip x.x.9.15
5. The firewall on ATIC is enabled and blocks UDP port 9110 and 9112. After Windows server(ATIC) rebooting, windows firewall is enabled by default, and it blocks the communication between AntiDDoS and ATIC server on UDP port 9110 and 9112.
After Windows server(ATIC) rebooting, windows firewall is enabled by default, and it blocks the communication between AntiDDoS and ATIC server on UDP port 9110 and 9112.
Add a new Inbound Rule on ATIC server to allow UDP port 9110 and 9112 as following:
Suggest to generate a error message/alarm information on ATIC server if comminication for traffic sending from AntiDDoD is blocked.