Security

 View Only
last person joined: 6 days ago 

Ask questions and share experiences with Juniper Connected Security. Discuss Advanced Threat Protection, SecIntel, Secure Analytics, Secure Connect, Security Director, and all things related to Juniper security technologies.
  • 1.  SSG20 device suddenly can not connect to NSM anymore

    Posted 03-11-2009 05:12

    Hi all.

     

    I have a strange problem. The SSG-20 device had been configured to work with NSM for approx. 2 years without problems. A few days ago, suddenly the connection to the NSM fails to establish. I can see that the connection is initiated from the SSG20 to the NSM server. On the NSM server i can see the connection using  netstat -an. This confirms that the firewall can reach the NSM server, just like the other firewalls.

    After digging in the logfiles on the NSM server the following lines in the /var/netscreen/DevSvr/errorLog/deviceDaemon.0 may be related to this issue:

     

    [03/11/2009 12:27:59.996] [Error] [12342976-connectionMgr.c:2706] Incoming connection has failed to send PET (Protocol Edition Tag), Disconnecting
    [03/11/2009 12:27:59.996] [Error] [12342976-netPlug.c:213] No NULL disconect functions or opaque allowed in netPlugAttachCallbacks
    [03/11/2009 12:28:00.012] [Error] [12342976-netPlug.c:30] Default  DataXfer callback function
    [03/11/2009 12:28:00.013] [Error] [12342976-sessionPlug.c:3509] cspSessionDataMsg Message not accepted after test for auditLogManager OKtosend IQ depth 0 OQ depth 0

    I really need some help on this one. I have tried disabling / enabling NSM on the SSG, tried several options, but nothing seems to solve this problem. The strangest thing is: It used to work fine!

     

    NSM version 2007.2r1

    Build LGB8z1eo

    Updates: 1.8_010_6.0

     

    SSG20 5.4.0r4.0~av-k

     

    Any help will be appreciated

     

    Regards,

      Jan



  • 2.  RE: SSG20 device suddenly can not connect to NSM anymore
    Best Answer

    Posted 03-11-2009 05:28

    Hi Jan,

    just to clarify, is this the only device managed by this NSM server or do you have other devices that are working fine?

    If you have other devices connected and working fine, you can do an RMA/re-activate to re-initialize the communication between the NSM and the SSG.

     

    Ciao

    Daniele



  • 3.  RE: SSG20 device suddenly can not connect to NSM anymore

    Posted 03-11-2009 06:05

    Hello Daniele,

     

    That sounds like a good option. Will this have impact on the running firewall? I do not want to interrupt the network connectivity.

     

    Regards,

      Jan



  • 4.  RE: SSG20 device suddenly can not connect to NSM anymore

    Posted 03-11-2009 07:58

    It will not have an impact on your traffic. This would just break the SSP tunnel between NSM & the device, reestablish that.


    Thanks,
    Chandra



  • 5.  RE: SSG20 device suddenly can not connect to NSM anymore

    Posted 03-12-2009 02:08

    Hi Jan,

    for a step-by-step procedure about the RMA/re-activate procedure follow this KB article:

    http://kb.juniper.net/KB4549

     

     

    Ciao 🙂

    Daniele

     



  • 6.  RE: SSG20 device suddenly can not connect to NSM anymore

    Posted 03-12-2009 02:16

    Hello Daniele

     

    Thanks for the tip on RMA/reactivate. I have just reestablished the connection between the SSG20 and NSM.

     

    It still troubles me that a firewall can suddenly decide to refuse communications with the NSM server.

     

    Anyway, the problem is solved.

     

    Thanks again,

     

    Jan


    #re-activate
    #RMA
    #NSM