ScreenOS Firewalls (NOT SRX)
Highlighted
ScreenOS Firewalls (NOT SRX)

SSG320 Interfaces inaccessable

‎05-22-2018 08:50 PM

Hello - I have a SSG320 running version 6.3.0 r25. A few months ago the device stopped passing traffic. I was unable to ping interfaces and the console port was frozen. Lights looked normal with the exception of the alarm light and the port lights were showing actvity. Seeing as I could not use the console port I powercycled the device. It restarted as expected and was back up and running. This happened 3 times over a 24 hour period at which point the device functioned normally. The issue happened again this morning and I had to power cycle twice over the day.

 

From what I have read the power cycle is purging all of the logs so I have nothing to look at once the device is back online. My question is one does anyone have any ideas what may be happening with ports not passing traffic and the console port not being accessible and two are there any suggestions to record whats happening at the time the ports lock up so I can try to troubleshoot and resolve.

 

Thank you

7 REPLIES 7
Highlighted
ScreenOS Firewalls (NOT SRX)

Re: SSG320 Interfaces inaccessable

‎05-22-2018 09:26 PM

Hello,

 

I have not come across this issue so far.

Does 'get log sys saved' show anything after power cycle?

Anything non-standard reported in 'get log sys' output when compared over multiple days?

Has the traffic pattern changed in your network or new traffic introduced?

Ideally in such cases TAC case should be opened.

 

Regards,

 

Rushi

Highlighted
ScreenOS Firewalls (NOT SRX)

Re: SSG320 Interfaces inaccessable

‎05-23-2018 02:23 AM

helpful

Highlighted
ScreenOS Firewalls (NOT SRX)

Re: SSG320 Interfaces inaccessable

‎05-23-2018 07:08 AM

No changes on my network. TAC was unable to locate any issues and stated logs are flushed on power cycle so nothing to look at.

 

'get log sys saved' returns an old error and 'get log sys' return is below.

 

>get log sys
RS: installation init successfully
## 2018-05-22 17:55:35 : Workaround for marvell dx106 executed,hwifp->if_num=0
## 2018-05-22 17:55:35 : Workaround for marvell dx106 executed,hwifp->if_num=5
## 2018-05-22 17:55:35 : Workaround for marvell dx106 executed,hwifp->if_num=6
## 2018-05-22 17:55:35 : Workaround for marvell dx106 executed,hwifp->if_num=7
## 2018-05-22 17:55:42 : sys up(tid=86,pid=32754) exited with code = 0
## 2018-05-22 17:55:42 : nsrd-startup(tid=57,pid=32725) exited with code = 0
## 2018-05-22 17:55:44 : module_test(tid=67,pid=32735) exited with code = 0

Highlighted
ScreenOS Firewalls (NOT SRX)

Re: SSG320 Interfaces inaccessable

‎05-23-2018 05:08 PM

Do you have an external syslog server configured that would have collected data at the time right before the failure?

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
Highlighted
ScreenOS Firewalls (NOT SRX)

Re: SSG320 Interfaces inaccessable

‎05-24-2018 09:17 AM

I do have the SSG configured to point to a syslog. It only seems to be logging logon type stuff. Can you tell me how I should configure the logging settings so these types of events are sent to syslog?

 

Thanks

Highlighted
ScreenOS Firewalls (NOT SRX)

Re: SSG320 Interfaces inaccessable

‎05-24-2018 04:51 PM

You can ship event logs and traffic logs to the syslog server.  This is setup here.

Configuration > Report settings > syslog

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
Highlighted
ScreenOS Firewalls (NOT SRX)

Re: SSG320 Interfaces inaccessable

‎06-21-2018 07:20 PM

Hello,

 

Here is the KB article for the configuration to send logs to external syslog server on ScreenOS devices.

 

https://kb.juniper.net/InfoCenter/index?page=content&id=kb4759

 

Which ScreenOS version the device is running on?

 

Is there a chance to upgrade the same to latest firmware i.e. 6.3.0r25?

 

Regards,

 

Rushi

Feedback