Problem and solution when the optical port of the firewall is down

0

What if the optical port of the USG is not Up?

1. The negotiation modes, rates, and duplex modes on both ends shall be the same.
2. Check whether optical fibers and optical transceivers are correctly used.
-A multi-mode fiber can be used with a single-mode optical transceiver if the transmission distance is short.
-A single-mode optical fiber can only be used with a single-mode optical transceiver.
-Check whether the optical port and optical transceivers are incorrectly used together. For example, 100M optical ports are used together with 1000M optical transceivers.
-Check whether the optical transceiver is authenticated.
-Generally, a single-mode optical fiber is yellow, and a multi-mode optical fiber is orange.
3. Run the display interface xx command to check whether the wavelengths of the connected optical transceivers are the same and whether the distances are proper.
4. Run the display interface xx verbose command to check whether the receive or transit power of the optical ports is within the allowed range.
5. Connect the head and tail of a fiber to an optical transceiver to check whether the port can go Up.
6. If the fault persists, consider replacing the optical transceiver and optical fiber.

Other related questions:
Problem and solution when the electrical port of the firewall is down
What if the electrical port of the USG is not Up? 1. Check whether the faulty port is disabled. If yes, run the undo shutdown command to enable the port. 2. Remove the network cable: -Check whether the gold pin of the interface is bent or deviates. -Check whether the network cable is disconnected or damaged. -Check the type of the network cable. A GE electrical port fails to go Up if a network cable lower than category 5 cable is used. -A GE electrical interface may fail to go Up if some wires among the four wire pairs in the network cable are damaged. 3. Auto-negotiation shall be configured on both ports, and the rates and duplex modes on both ports shall be the same. 4. Incorrect MDI setting: -The current device can automatically identify straight cables or crossover cables, and MDI is usually not required.

Problem and solution when a firewall cannot be added to the NMS
To solve the problem that a firewall cannot be added to the NMS (NMS workstation), perform the following steps: 1. Check whether the SNMP settings on the firewall are correct. For example, check whether the SNMP version matches the NMS. 2. Check whether the NMS is reachable to the firewall. 3. Check whether access management in SNMP mode is enabled on the interface connecting the firewall to the NMS. That is, you need to run the service-manage snmp enable command on the interface to allow the peer device to access the firewall in SNMP mode. By default, the SNMP permission of the interface is disabled. In this case, even if the security policy for the interzone between the zone where the interface resides and the Local zone is enabled, you cannot access the device through the interface. This is because that the service-manage function has a higher priority than the security policy. For details, see USG6350 can't add to the NMS server.

Problem and solution when port mapping on the USG6330 fails
If port mapping fails, check first whether the policy is correct and then view the session table information.

Problem and solution when network extension cannot be enabled on the firewall
Only the administrator can enable network extension.

Problem and solution when the heartbeat interfaces of the firewalls fail to be directly connected
Troubleshoot as follows: 1. Check whether the cable is properly connected. 2. Check whether the interface has been added to the security zone. 3. Check whether service-manage ping permit is configured under the interface.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top