SNMP issues after upgrading firmware

AP_ILSAP_ILS
edited July 23 in Firebox - Other

I have a M4800 that was upgraded over the weekend to 12.11.3.B719894 and we monitor our interfaces with PRTG using SNMP v3. The logs in PRTG are reporting SNMP "No response" errors and our charts have gaps in them. We use netflow as well and it is not having this issue. The interfaces themselves are clean, no errors, packet drops etc. Anyone else seeing SNMP issues?

Comments

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @AP_ILS, The behavior you're describing with gaps and no response sounds like your SNMP server might be getting hit by the firewall's default threat protection policies. (I'd guess it'd most likely be UDP Flooding.)

    Adding the IP of your SNMP server to the blocked sites exception rule removes most of the default threat protection for that IP without having to change your thresholds for anything else.

    See:
    (Create Blocked Sites Exceptions)
    https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/intrusionprevention/blocked_sites_create_exceptions_c.html

    Can you please try adding the IP of your SNMP server to the blocked site exceptions list and see if that helps with the issue you're having?

    -James Carson
    WatchGuard Customer Support

  • AP_ILSAP_ILS

    Unfortunately, adding the exception made no difference and I disabled UDP Flood attack protection and that didn't help either. I rebooted it as well and no change.

  • 4Fingers4Fingers

    Hi

    I'm experiencing the same issue on a Firecluster M570.
    Since installing version 12.11.3, my PRTG probes have been unstable.
    I had to switch back to SNMP v1/2c for them to work properly again

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @AP_ILS and @4Fingers
    If you haven't already, I suggest creating support cases. You can do so via the support center link at the top right of this page.

    -James Carson
    WatchGuard Customer Support

  • AP_ILSAP_ILS

    I created a ticket with support. Ticket# 02278301

  • AP_ILSAP_ILS
    I can’t really explain why but SNMP v3 is stable for me again. Support says they made no changes but the errors have stopped and things are working like they did before the upgrade.
  • james.carsonjames.carson Moderator, WatchGuard Representative

    @AP_ILS If you run into that issue again, you can re-open your case at any time by replying to it.

    -James Carson
    WatchGuard Customer Support

  • RogerFinchRogerFinch

    Yeah, we had exactly this, with 4 M470s and a T20. Some will work, some will outright fail and refuse to add, and some add, then go red occasionally with the same error. all in PRTG. ran the PRTG SNMP Tester tool and that responses with all the interfaces fine. Happened with the Watchguard 12.11.3 code.

  • RogerFinchRogerFinch

    Ticket 02283285 for me

Sign In to comment.