Tengo un firewall usg6310s

Publicado 2019-4-20 10:16:27Última respuesta abr. 20, 2019 14:20:53 69 1 0 0
  Recompensa Goldies : 0 (solución de problemas)

Buy a USG 6310s to enter the graphical interface everything was correct, then enter the download page download the latest system update for usg6310s after executing it appears that the version of the team is usg6000 and a part comes in Chinese. I would like you to help me with the system version and the other versions that the USG6310s team brings in order to be able to solve my problem since when doing the update the admin user lost permissions and only allows to see two windows of the administrative panel. now I get a sec-admin user who has the role of administrator but does not let me see the license part or roles with any user

  • x
  • convención:

Respuestas destacadas
Publicado 2019-4-20 14:20:53 Útil(0) Útil(0)
 Assume that you have an USG and you want to update the database.

 You can ping sec.huawei.com . In configuration FTP, HTTP, DNS, HTTPS, TCP 443, 12612 & UDP 12600 are allowed.
 
 Domain is configured but the update is not working. The following error is displayed " UPDATE/4/FAILURE:Failed to connect to the download server, please check the Internet connection, and try again later. (SyslogId=332, Module=IPS-SDB, Pre-UpdateVersion=2016061500, UpdateVersion=, Status=manual-update, Duration(s)=213) ". If we check the configuration, we can see  under security-policy 2 rules. One for outboud update and one for inound update.

 rule name "Outbound Updates"
  source-zone local
  source-zone trust
  destination-zone untrust
  destination-address domain-set "Update"
  service http
  service ftp
  service dns
  service icmp
  service https  
  action permit
 rule name "Inbound Updates"
  source-zone untrust
  destination-zone local
  destination-zone trust
  source-address domain-set "Update"
  service http
  service ftp
  service dns
  service icmp
  service https
  action permit

 domain-set name "Huaewi Update"
  add domain sec.huawei.com

  Solution

When USG is connecting to sec.huawei.com, it is not connecting to the server from where the update is downloaded; sec.huawei.com will only return an IP address of the server from where USG will download the update package. In this way sec.huawei.com will return a server located close to your region in order to download faster the update package.

Try to remove the following commands from security-policy and it will work.
  • x
  • convención:

Maynez
GNOC Engineer at Huawei Technologies Co. Ltd
Todas las respuestas
Maynez Publicado 2019-4-20 14:20:53 Útil(0) Útil(0)
 Assume that you have an USG and you want to update the database.

 You can ping sec.huawei.com . In configuration FTP, HTTP, DNS, HTTPS, TCP 443, 12612 & UDP 12600 are allowed.
 
 Domain is configured but the update is not working. The following error is displayed " UPDATE/4/FAILURE:Failed to connect to the download server, please check the Internet connection, and try again later. (SyslogId=332, Module=IPS-SDB, Pre-UpdateVersion=2016061500, UpdateVersion=, Status=manual-update, Duration(s)=213) ". If we check the configuration, we can see  under security-policy 2 rules. One for outboud update and one for inound update.

 rule name "Outbound Updates"
  source-zone local
  source-zone trust
  destination-zone untrust
  destination-address domain-set "Update"
  service http
  service ftp
  service dns
  service icmp
  service https  
  action permit
 rule name "Inbound Updates"
  source-zone untrust
  destination-zone local
  destination-zone trust
  source-address domain-set "Update"
  service http
  service ftp
  service dns
  service icmp
  service https
  action permit

 domain-set name "Huaewi Update"
  add domain sec.huawei.com

  Solution

When USG is connecting to sec.huawei.com, it is not connecting to the server from where the update is downloaded; sec.huawei.com will only return an IP address of the server from where USG will download the update package. In this way sec.huawei.com will return a server located close to your region in order to download faster the update package.

Try to remove the following commands from security-policy and it will work.
  • x
  • convención:

Maynez
GNOC Engineer at Huawei Technologies Co. Ltd

Responder

Responder
Debe iniciar sesión para responder la publicación Inicio de sesi | Registrarse

Aviso: Para garantizar sus legítimos derechos e intereses, la comunidad y los terceros no publicarán contenido que pueda generar riesgos legales a las partes, por ejemplo, pornografía, contenido político, contenido sobre juego, consumo y tráfico de drogas, así como contenido que viole los derechos de propiedad intelectual de terceros, por ejemplo, secretos comerciales, marcas, derechos de autor, patentes y privacidad personal. No comparta su cuenta ni su contraseña con terceros. Todas las operaciones realizadas usando su cuenta se considerarán como sus acciones y todas las consecuencias que estas acciones generen serán responsabilidad suya. Para obtener información detallada, consulte la “ Política de privacidad.”
Si el botón para adjuntar no está disponible, actualice Adobe Flash Player con la versión más reciente

¡Ingresa y disfruta de todos los beneficios para los miembros!

Aterrizaje
Respuesta rápida Desplácese hasta arriba