cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
668
Views
1
Helpful
2
Replies

RV180 ReOrder Firewall Deny Access Rule Fails

jevans
Level 1
Level 1

Hi, I've been using a few of the RV180s for a few years and have had some issues in the past which were resolved a couple of years back by upgrading the firmware to the latest 1.0.5.4 with PID V01. I have used up all possible Access Rules (100) in the past and have deleted some unwanted rules but now when I try to move/reorder a Deny Access Rule it generates and error on save "Firewall configuration has failed". I have also tried deselecting the the rule before hitting save and I get another error "i18nHTMLMissing". I can move Access Rules with Allow.

I cleared all logging and tested the reorder again and same issue. Turned on debugging and all logging and noticed this under information

Wed Apr 12 07:18:01 2017(GMT-0500) [rv180][Kernel][KERNEL] [209726.040000] Clearing the ISR c0941d40
Wed Apr 12 07:18:01 2017(GMT-0500) [rv180][Kernel][KERNEL] [209726.040000] Clearing the ISR c0941800

This is the only thing that would come close to logging anything for this error. All other logs are empty, I am running iPsec which is up and running.

All other firewall rules seem to behave in the normal fashion, except for the odd time rules do not seem to apply immediately and sometimes takes a few minutes to a couple of hours for the actual rule to become active, other times rules work immediately.

I am able to duplicate this problem on my other RV180s, only after the firewall rules reached its limit of 100 and reduced the number to by half or by uploading the configuration into another RV180.  I have also tried reflashing the firmware on them and the same error persists.

Any help would be appreciated, very frustrating when trying to deny netblock attacks from lets say Vietnam or Poland.

Jim

2 Replies 2

ktonev
Cisco Employee
Cisco Employee

Hello Jim,

My name is Kristian and I am one of the engineers at Cisco SBSC.

I apologize for any inconvenience caused by this error.

I suggest opening a support case with us so an engineer can assist you further with this issue.

You can find our contact details here.

Thanks,
Kris

Hi Kris,

I'm was hoping to receive some help within this community and not be slapped and forwarded to your SBSC dept who then chooses to ask me to pull out my wallet in order to troubleshoot, for Cisco, a bug with their own IOS on this particular box. This is asking a bit too much. This is not the only bug I see with these SB routers, perhaps someone there should open up a considerable amount of funding to fix these pesty bugs instead of waiting for a next firmware release. On this particular router the release version of 1.0.5.4 is from 2015. I've seen enough complaints on this particular router which should warrant a more competitive firmware update program, not much to say for keeping your long existing customers very happy, over 25yrs..

Now you do realize that a firewall not being able to reorder access rules for "deny" is useless as a firewall. As you see any new deny or existing rule(s) cannot be reordered to the beginning where most deny statements should be, especially connected to the internet these days.

Not a very happy camper..
Jim

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: