cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5541
Views
0
Helpful
37
Replies

WRVS4400N - IPS Causing Lockup(s)

sfluker4511
Level 1
Level 1

Firmware Release        v2.0.0.8

IPS Signatures            1.42

ProtectLink                 Not Activated

Log Level Enabled to    0,1,2

Outgoing Log               Disabled

Incoming Log               Disabled

Loccal Log                  Disabled

E-Mail Alerts               Enabled

DoS thresholds           20

Log Queue Lentgh       100

Log Time Threshold     1440

Syslog Server              Disabled

Output Blocking Event Log     Disabled

If more information is needed I can always upload my backup configuration.

I was doing alot of reading on the forums and came across some articles about how having IPS turned on will degrade the network performance, so I wanted to test this on my network, I've found that if I keep IPS on, everything seems to work just fine.

However if I disable IPS within 2-3 days the router will stop functioning.

My internet connection becomes sporadic at first then stops functioning completely a couple hours after the initial outage.

When this occurs I can't even reach the administrative webpage on the device, I have to power cycle it to restore connectivity, if I leave IPS off, repeat scenario, after 2-3 days it'll lock up again.

If I turn the IPS back on, everything functions fine for days... weeks... months...

Is anyone else seeing this?

other than the obvious leave IPS on, any thoughts?

I'm pretty sure there is a problem here, I just dont know if i'm the only one experiencing this, or if this is a known bug of some kind.

37 Replies 37

sfluker4511
Level 1
Level 1

No responses to this? am i in the right forum to be asking this type of question?

With the wrvs4400n, there is not a known issue with the device and ips locking up.  I have a couple questions for you to help understand the situation. 

1: Did you upgrade the firmware to the latest?

  • If so, did you backup your configuration/ do a factory reset/ reload your configuration after the firmware?  If not, lets try that.  Backup your configuration, Reflash the Firmware, Factory reset the device, and reload the configuration.   Once you do this test it for a couple of days with the IPS turned off and see if your seeing the same issues.

I just performed a Flash update as I've done in the past, I want to say I've only been bringing the device back from the dead with a power cycle

I'll backup the configuration, and perform a hard reset on the device, then reapply the config again, and see how it responds.

Perfect, yeah let me know how it goes after you do that. 

I am very interested in the results of this. I recently purchased the WRVS4400N router which came with version 2.0.0.8 (the most current version) of the firmware already installed. I am experiencing hard lock ups as described above on an almost daily basis. A power cycle reset is the only way to get the device back up. When I disabled IPS it locked up in a couple of hours. That may be coincidence but I quickly re-enabled IPS and it has been up for just over 24 hours now. The device has been on an APC UPS since I purchased it so I don't believe that power fluctuations could be an issue. Any advice or help would be greatly appreciated as my users (wife and a friend accessing my FTP server) are very upset with the reliability. I purchased this rather expensive (for me) device in the hopes that it would last longer than Belkin, Linksys, and Netgear but those routers stayed up well where this one is not doing so.

My router locked up last night but I have much more information from the logs that the router Emailed to me. I cannot seem to past into this text box so I created a text attachment. It looks like there is a memory leak and the router is shutting itself down. The messages arrived in several different Emails and were cut and pasted into a single document. The blank line indicates where I reset the router.

I hope this information can help someone get to the bottom of this.

I haven't had the time to play with this since the recommendation of backing up the config and recycling the device completely, however you bring up a point that I didn't think of, I just cranked up all my logging and disabled IPS, i'm sure my network will die in about 2 days or less... it's just frustrating when it does because the router isn't in the most convenient of spots

I have just received more log messages:

ip_conntrack: table full, dropping packet.  (seven times)

smtp.3web.com: unknown host

That is a valid host. It is my ISP's smtp server.

As noticed with past experiences, with IPS disabled, the router has started acting up, it appears as though the WAN link is sporadically shutting down, and the DHCP server has died entirely.

I've just managed to get around to doing more tests on this, I just reloaded the latest firmware, performed a hard reset on the device, and reloaded my config file.

I'll update this thread again in a couple of days when i suspect the router will stop functioning again.

WiFi is acting up again, appears the DHCP server may be offline again, I am unable to access the device through the administration portal as well.

I have the logging cranked to max, and I'm not receiving any alerts on anything which seems odd to me.

WAN & LAN connectivity appears to be okay, so far, but as seen in past experiences this will start becoming and intermittent connection.

Does anyone know if there are any SSH ports open that I can connect to the device directly and see what's going on here?

Appears as though the device has once again failed entirely, started with WiFi dumping, and now the local WAN / LAN connections are failing.

I'm not able to access the device via the admin portal, and no logs appear to have been sent out indicating any problems with the device.

I have opened a case with Cisco support. The case number is 615758881. I cannot find out how to update this case with any new information. I am finding their site very difficult to navigate. I must say that I am somewhat dismayed at Cisco's lack of concern for problems with their products and/or firmware. I purchased a Cisco product because of their reputation for good reliable products. I was tired of replacing other routers every one or two years because they stopped working. At this point I have to say that their reputation is NOT deserved.

The support rep suggested changing some settings and seeing how things go. I should know if it is helping by tomorrow morning. One of the things I was asked to turn off is logging. The rep seemed to feel that this may be chewing up the memory. I am using nagios to keep an eye on the router and it will Email me when it fails. Because I am running Linux, I have a mail server on my local machine and can get the Email when the router is down.

Before I started these tests the device was up for 16 days straight, and would have been longer but my power went out and the UPS it was attached to drained as well.

after doing these tests throughout the weekend, I power cycled the device yesterday when it failed, and re-enabled the IPS on the device.

I currently still have my Log Level set to ALL, previously I was only logging 0,1,2

should the device start having problems again, I can probably attribute it to the LogLevel, otherwise this doesn't seem like a reasonable response, if the Logging is causing the device to stop responding then there is probably a problem with the firmware and/or Log Rolling that still needs to be corrected.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: