Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Firebox II locking up and inoperable

Status
Not open for further replies.
Irestone

Irestone

MIS
Aug 2, 1999
11
US
We have been using a Firebox II as our firewall/VPN/gateway for a couple of years without issue, and beginning a few days ago (1/1/03) the Firebox began going down. The lights on the front remain on, but the system no longer says that it's "armed", you cannot connect to the Internet from within our network, cannot establish a VPN connection from outside, etc. The system is not operational, BUT if I turn the system off and open up the Firebox the system can be fixed temporarily when the memory and processor are removed and re-seated. This fix typically lasts for 5-12 hours.

My company longer has a support contract with Watchguard since we are a small company and do not make frequent changes to our Firebox, and therefore cannot justify the expense of a support contract. I'm wondering if anyone can give me an idea of what might be going on with the Firebox. I don't know whether to start looking for a replacement Firebox, if maybe the processor or memory sounds like it's dying and the fix is to find replacement memory or a replacement Pentium MMX processor (and whether or not I can use typical components I can buy online, or if I have to get pieces made for use in a Firebox).

If anyone can offer some direction, I would appreciate it.
 
Sort by date Sort by votes
You can replace the processor and CPU with the same components, they are not specifically made for the FB.

AM
 
Upvote 0 Downvote
Also, what version of the software are you running?

AM
 
Upvote 0 Downvote
I believe we're running version 4.61.

Do you know what kind of RAM is in the Firebox II? Since we don't have a support contract, I can't get ANY information out of the folks at Watchguard.

Thanks for your help!
 
Upvote 0 Downvote
You can upgrade/replace the memory. Whether that would resolve the issue is uncertain. You can replace your memory with PC100 DIMMs. Doing so will void the warranty, but that is a non-issue for you.

If you add memory above 64MB, it will be used for swap files.

Version 4.61 is a stable version. You are missing a few things that the newer versions have (such as 1:1 NAT), but it is solid nonetheless. You could always resend the image to the FB if the one you are running has become corrupt for some reason.
 
Upvote 0 Downvote
Thanks for the help 'ashleym' and 'NtrOP'. The issue was "fixed" for a couple of weeks after I shut of the syslog feature and we put the memory into slot 2 of the Firebox. After a 2 week hiatus the problem has come back. To me this sounds like some bad memory, but another person said they have seen issues like this pop up because of disk space issues on the syslog server. I just wanted to bouce this off the Tek-Tips folks before settling on a bad memory solution.

A couple of final questions:
Ever heard of the syslog problem with a Firebox II before?

When you advise that I resend the image to the firebox, I assume you are talking about the backups which are created when I update a feature of the firebox. Is it a straight-forward process of just uploading the saved image to the firebox?

Thanks again for your help. I apologize for the stupid questions, but I'm fairly firewall illiterate!
 
Upvote 0 Downvote
I am not aware of any syslog issues. A disk space issue on the syslog server causing problems doesn't sound out of the realm of possibility. Do you actually have a drive space issue on your syslog server? I have only use the WG Control Center logging. Haven't had any problems with it.

When I mentioned re-sending the image, all you need to do is save your config file to the FB. When doing so, it will bring up a dialog box where you can select "Save to Firebox" and then under that heading select "Save configuration file and new flash image". I don't believe this option has changed between 4.61 and 6.1.
 
Upvote 0 Downvote
We had almost a gig of free space on the syslog server (on an 8 gig partition). I don't think that was the issue. I'll let you know if I see any symptoms return now that we have a new stick of PC100 memory in the firebox.

Thanks for the clarification on re-loading an image. I've done that before, and wanted to first make sure it's what you meant.

Thanks again for all the helpful suggestions. I think that we're all set now that this problem seems to be solved. I appreciate all the help!
 
Upvote 0 Downvote
FYI, The disk storing the logs on my syslog server did fill up once. All the Firebox did was quit logging (the name of the "currently logging to:" machine on the control center was blank). System performance was not effected.
 
Upvote 0 Downvote
Great background info. Thanks again for the help and clarification of what happens when the syslog server fills up. That is very helpful!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
729
Sameer258
Sameer258
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
549
nnaarrnn
nnaarrnn
Nitta84
  • Locked
  • Question
navigation slow and tcp syc/ack drop
Replies
0
Views
476
Nitta84
Nitta84
TheFireman2
  • Locked
  • Question
Help with Watchguard Firebox M200 setup as a TMG 2010 replacement with ASA 5515 as main firewall
Replies
1
Views
201
hairlessupportmonkey
hairlessupportmonkey
texwiz
  • Locked
  • Question
need some help to properly set up, segregate and secure a network with an ASA 5505
Replies
2
Views
177
texwiz
texwiz

Part and Inventory Search

Sponsor

Back
Top