Page 2 of 2 FirstFirst 12
Results 11 to 19 of 19
  1. #11
    Untangle Ninja Jim.Alles's Avatar
    Join Date
    Jul 2008
    Location
    Central PA
    Posts
    2,520

    Default

    Since you have the security of having two boxen, I would get mad and pave over the install on one, and see if it helps.

    Turn automatic upgrades off on both. Get deliberate about that.
    https://forums.untangle.com/tips-tricks/43373-preparing-upgrade.html

    Keep the other one as-is; don't mess with it until v16.0 is announced in the forum and available on the website. Then download that and do a fresh install off-line.

    Also please be careful of the SSH access. enabling the default rule opens it to the Wild & Woolly Web. Here is a thread with my example rule-set, and a bit of a discussion about this matter.
    https://forums.untangle.com/hardware/43251-intel-x550-t2-network-adapter.html#post243317
    Last edited by Jim.Alles; 07-20-2020 at 09:48 PM.

  2. #12
    Untangler
    Join Date
    Apr 2015
    Posts
    31

    Default

    Quote Originally Posted by Jim.Alles View Post
    Since you have the security of having two boxen, I would get mad and pave over the install on one, and see if it helps.

    Turn automatic upgrades off on both. Get deliberate about that.
    https://forums.untangle.com/tips-tricks/43373-preparing-upgrade.html

    Keep the other one as-is; don't mess with it until v16.0 is announced in the forum and available on the website. Then download that and do a fresh install off-line.

    Also please be careful of the SSH access. enabling the default rule opens it to the Wild & Woolly Web. Here is a thread with my example rule-set, and a bit of a discussion about this matter.
    https://forums.untangle.com/hardware/43251-intel-x550-t2-network-adapter.html#post243317
    Hmm I have automatic upgrades enabled. What is the thinking behind disabling it? Only upgrade if needed or advised by Untangle? We also had been restarting the firewall weekly, I just saw Untangle's official guidance is to not reboot NGFW unless required.

  3. #13
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    25,056

    Default

    Quote Originally Posted by sduffey View Post
    Hmm I have automatic upgrades enabled. What is the thinking behind disabling it? Only upgrade if needed or advised by Untangle? We also had been restarting the firewall weekly, I just saw Untangle's official guidance is to not reboot NGFW unless required.
    Some upgrades, like the one from v15.0 to v15.1 come with an OS level replacement, if you're going to corrupt a file it's going to be then. If those installs have been running since before v14.0, then you've gone through THREE kernel replacements and two full OS upgrades.

    If your installs developed minor corruption during any of these upgrade processes, this will crop up. The point is since you have two of them, you're free to just blow one away and start over fresh with a brand new v15.1 installation. It's a bit of a stretch, but it's something to rule out.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  4. #14
    Untangler
    Join Date
    Apr 2015
    Posts
    31

    Default

    Quote Originally Posted by sky-knight View Post
    Some upgrades, like the one from v15.0 to v15.1 come with an OS level replacement, if you're going to corrupt a file it's going to be then. If those installs have been running since before v14.0, then you've gone through THREE kernel replacements and two full OS upgrades.

    If your installs developed minor corruption during any of these upgrade processes, this will crop up. The point is since you have two of them, you're free to just blow one away and start over fresh with a brand new v15.1 installation. It's a bit of a stretch, but it's something to rule out.
    Ok makes sense, I will try to "pave" the offline box and restore the config. Thanks for all the help.

  5. #15
    Untangler
    Join Date
    Apr 2015
    Posts
    31

    Default

    I never did "pave" a box because I think corruption is not the issue. When I recently flipped one box active and the other to backup I noticed the appliance I just brought online was able to view the sessions normally, for a few minutes. However after a few minutes passed it started throwing the same JSON exception error as the other box had when viewing sessions. To further test this I once again flipped back to the original appliance and the sessions showed up on that box as well, for a few minutes until it started throwing the errors again.

    It sure seems like something on the network is causing this behavior but I have not been able to get any solid direction from Untangle support on how to narrow it down or troubleshoot it. It's been sort of a shoulder shrug response. I'd appreciate it if anyone has some ideas on how I can further track down the issue, thanks!!

  6. #16
    Untangler
    Join Date
    Apr 2015
    Posts
    31

    Default

    Update, after going back through support responses I looked again at an error they found from the WebFilter app that was: ERROR Could not parse (illegal character); system on support-itivity.unitrends.com (itivity)

    Just for the hell of it I disabled the WebFilter app on that drawer of NGFW and BOOM, I could once again view sessions on the appliance. Now I am trying to figure out what exactly in the WebFilter app is causing the behavior. I tried doing a PASS rule in the app for the device that was throwing this error but it didn't fix the problem.

  7. #17
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,096

    Default

    The issue is the site is using TLS 1.0 which is not supported by many systems since it is broken. TLS 1.2 is the minimum now.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  8. #18
    Untangler
    Join Date
    Apr 2015
    Posts
    31

    Default

    The Unitrends site is using TLS 1.0?? (EDIT: I verified the two URLs that appliance was trying to reach have TLS 1.0 enabled)
    Last edited by sduffey; 09-08-2020 at 11:13 AM.

  9. #19
    Newbie
    Join Date
    Sep 2020
    Posts
    11

    Default

    Try pulling up chrome or firefox developer tools and looking at the Network tab, in chrome turn on "Preserve Log" so if you refresh the page after it crashes you still have access to the JSON responses. On the left side where it shows the incoming response, scroll through the list. More than likely it will be a recent response near the top, could be red if it throws a backend error. Read the response of each line and see if you can figure anything out. Also the main console tab could shed some light, might be an error in there too.

    2oKQPF (1).png
    Last edited by Kryptonit3; 09-08-2020 at 09:55 PM.
    Jim.Alles likes this.

Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2