Orbi WiFi 7 RBE973
Reply

SRX5308 dhcp & login problems

JorisN
Initiate

SRX5308 dhcp & login problems

Our company has 6 sites, each with a SRX5308 firewall and VPN connections between them.

These firewalls also have dhcp enabled since there is only 1 site that has a windows server, this is our main site which is the largest (~80 users).

 

Last week we started having problems with the firewall in the main site...

It stopped handing out new IP-adresses, and it won't let me login to the management console.

However it is still routing internet traffic for the clients that already had an IP and the VPN connections between the sites remain active, though they seem to be a bit unstable.

 

It's running the latest version of the firmware (4.3.4-2)

I've tried restarting it several times by turning it off and back on, but they problem remains. (web-interface won't load so I can't login, telnet won't work either)

 

Is there anything I can try besides doing a factory reset and configuring all the settings again?

 

The other firewalls are still running an older version of the firmware ( 3.0.7-29) and they are not having any problems...

Should I downgrade the firmware of the affected firewall?

 

 

Model: SRX5308|PROSAFE Gigabit Quad WAN SSL & IPSEC VPN Firewall
Message 1 of 5
DaneA
NETGEAR Employee Retired

Re: SRX5308 dhcp & login problems

Hi JorisN,

 

You may try to downgrade the firmware of the SRX5308 of the main site to v4.3.4-1.  Be sure to perform a factory reset after downgrading the firmware then reconfigure it from scratch.  Check if same problem occurs.

 

You can download firmware v4.3.4-1 here

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 2 of 5
SamirD
Prodigy

Re: SRX5308 dhcp & login problems


@JorisN wrote:

Our company has 6 sites, each with a SRX5308 firewall and VPN connections between them.

These firewalls also have dhcp enabled since there is only 1 site that has a windows server, this is our main site which is the largest (~80 users).

 

Last week we started having problems with the firewall in the main site...

It stopped handing out new IP-adresses, and it won't let me login to the management console.

However it is still routing internet traffic for the clients that already had an IP and the VPN connections between the sites remain active, though they seem to be a bit unstable.

 

It's running the latest version of the firmware (4.3.4-2)

I've tried restarting it several times by turning it off and back on, but they problem remains. (web-interface won't load so I can't login, telnet won't work either)

 

Is there anything I can try besides doing a factory reset and configuring all the settings again?

 

The other firewalls are still running an older version of the firmware ( 3.0.7-29) and they are not having any problems...

Should I downgrade the firmware of the affected firewall?

 

 


I wouldn't touch the srx until you find out if any changes have been made by the isp at that location.  If nothing has changed on your network and something like this happens, generally the problem is outside your network.

Message 3 of 5
JorisN
Initiate

Re: SRX5308 dhcp & login problems

No changes have been made to the ISP or internet connection.

 

 I already did a factory reset of the firewall last week, and reconfigured it from scratch, but the next day the problem occured again. Still have to try downgrading the firmware to see if this helps.

 

In the log there's also a bunch of error messages like the ones below:

 

Thu Mar 23 15:25:13 2017((GMT)) [SRX5308][Kernel][KERNEL] ERROR: miiSwitchRegisterRead: Timeout at page 0x1 addr 0x0
Thu Mar 23 15:24:21 2017((GMT)) [SRX5308][Kernel][KERNEL] ERROR: miiSwitchRegisterRead: Timeout at page 0x1 addr 0x0
Thu Mar 23 15:22:19 2017((GMT)) [SRX5308][Kernel][KERNEL] ERROR: miiSwitchRegisterRead: Timeout at page 0x1 addr 0x0
Thu Mar 23 15:22:13 2017((GMT)) [SRX5308][Kernel][KERNEL] ERROR: miiSwitchRegisterRead: Timeout at page 0x1 addr 0x0
Thu Mar 23 15:20:57 2017((GMT)) [SRX5308][Kernel][KERNEL] ERROR: miiSwitchRegisterRead: Timeout at page 0x1 addr 0x0
Thu Mar 23 15:20:12 2017((GMT)) [SRX5308][Kernel][KERNEL] [key_add:6082]: time(secs): 1490282354 inconsistent SA detected, Access denied for outbound SA for peer: 0x988d77ee

 

I've also found this thread where someone suggests it's because of heavy load (maxed out traffic)

I guess that's the case for us too. Maybe it's time to look for a new firewall with higher throughput...

 

 

Message 4 of 5
SamirD
Prodigy

Re: SRX5308 dhcp & login problems

The log messages here could possibly indicate a hardware issue as well.  I'd try the firmware downgrade and then get in touch with netgear support as these have lifetime support and warranty afaik.

Message 5 of 5
Top Contributors
Discussion stats
  • 4 replies
  • 4384 views
  • 0 kudos
  • 3 in conversation
Announcements