cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1991
Views
5
Helpful
5
Replies

A few annoyances with the RV340 1.0.03.15 FW update

Fred Johnson
Level 1
Level 1

Just a few things I've noticed off with the new firmware and wanted to pass along:

  1. The blinking yellow caution icon at the top won't go away "Download firmware fail" I'm already upgraded though.. it would be nice if there was a way to clear this icon. There's another thread about this but I'd rather not upgrade again. I'll do it from file rather from cisco.com next time I guess.
  2. We set up email alerts and everything I log in (even with the correct credentials) I receive this email "<info>weblogin: pam_krb5(weblogin:auth): (user cisco) authentication failure"
  3. One of our firewall access rules silently failed. This rule allowed incoming traffic from a source ip so it was no big deal. I disabled the rule, re-enabled the rule, and then traffic was restored. Edit: This turns out to be a reoccurring problem, read below.
  4. The browser cache initially made it impossible to log in but most of us know to clear the browser cache after upgrading.

Other than that, everything has been great, thanks!

1 Accepted Solution

Accepted Solutions

nagrajk1969
Spotlight
Spotlight

Hi

In case some of you are still waiting to solve the below issue:

 

>>>>I log in (even with the correct credentials) I receive this email "<info>weblogin: pam_krb5(weblogin:auth): (user cisco) >>>>authentication failure"

 

To stop getting the above pesky messages everytime with logins, go to system-mgmnt/user-accounts page in GUI and if you scroll down below some...there will be "Remote Authentication Service"....and here

 

- in case you are NOT USING AD/LDAP/RADIUS for offloading the user-authentication to external servers, then kindly please delete all the 3 entries AD, LDAP, Radius - even if they are empty and not used/enabled.

- then apply/save

 

Now try by log-out of GUI and login to GUI again...test with giving a wrong user-auth credentials...it should result in email-alert...and then try with correct user-credentials...you should NOT see the above messages about pam-krb (its related to AD-Kerberos module i think)...

 

Please note: The order of user-auth priority-order is always AD/LDAP/RADIUS/Local-DB-user-accounts...if one of them is enabled and reachable and the user-account is not available or fails, then the authentication is considered as fail and wont check the subsequent user-db next...

 

 

View solution in original post

5 Replies 5

Fred Johnson
Level 1
Level 1

Unfortunately, #3 came back to bite us. Occasionally, when an interface gets knocked out, we will lose a firewall rule which disrupts our VPN. We have two UDP ports that are forwarded (from WAN1 and WAN2 to VLAN1), then two firewall rules for each port to allow traffic from a specific ip and deny traffic for everything else. After the upgrade, the port forward on WAN2 will stop working and I'll have to go in and reset the firewall. Making any change to the firewall rules seems to restore traffic so I usually just disable and enable any firewall rule just to reset the firewall. This has been happening for months.

 

I've tried various fixes like deleting the rules, re-adding them, and changing the ordering but it doesn't seem to help. I guess the next step is to try a factory reset. We did not have this problem with the previous firmware version. Kind of regretting upgrading now.

CristianDuc
Level 1
Level 1

Hello, I follow up this thread because I also have the issue #2, it is literally spamming my email everytime I login to the router. Did anybody find a solution? Thanks a lot

nagrajk1969
Spotlight
Spotlight

Hi

In case some of you are still waiting to solve the below issue:

 

>>>>I log in (even with the correct credentials) I receive this email "<info>weblogin: pam_krb5(weblogin:auth): (user cisco) >>>>authentication failure"

 

To stop getting the above pesky messages everytime with logins, go to system-mgmnt/user-accounts page in GUI and if you scroll down below some...there will be "Remote Authentication Service"....and here

 

- in case you are NOT USING AD/LDAP/RADIUS for offloading the user-authentication to external servers, then kindly please delete all the 3 entries AD, LDAP, Radius - even if they are empty and not used/enabled.

- then apply/save

 

Now try by log-out of GUI and login to GUI again...test with giving a wrong user-auth credentials...it should result in email-alert...and then try with correct user-credentials...you should NOT see the above messages about pam-krb (its related to AD-Kerberos module i think)...

 

Please note: The order of user-auth priority-order is always AD/LDAP/RADIUS/Local-DB-user-accounts...if one of them is enabled and reachable and the user-account is not available or fails, then the authentication is considered as fail and wont check the subsequent user-db next...

 

 

Hi nagrajk1969,

Following your advises I could avoid the pesky login failure message.

Now only wrong passwords generate the mail allert.

Gratefully 

Cristian

 

 

 

 

Thanks a lot! Fixed on my router too with 1.0.03.14 FW.