Attiq786
Participant

SMB appliance 1570 Pre Manual Rules

Hi All,

One of our clients has seven 1570 SMB appliances, and they were configured by someone who has left the company.

We are having an issue with one of the gateways, which was connected just to find out that there is a Pre Manual rule at the top which is managed by Cloud Services and is blocking all internet traffic, as per the attached.

All devices are managed by SMP, but on the SMB management portal I cannot find the block rule. I have tried to uncheck the box (Manage in SMP) so that the firewall blade and access policy are not managed from the cloud, but it does not let me edit Pre Manual rules and I cannot find where these rules are defined on the portal. The access rules and URL sections are empty in the portal.

I have also tried disabling Cloud Services and enabling them again, but the rule cannot be edited at all.

Any suggestions, please?

 

8 Replies
G_W_Albrecht
Legend

This is documented in sk118035 and in Security Management Portal Administration Guide R12.30 p.41f:

Pre local rules are fetched before the local manual rules (created in the local settings of the Firewall Software Blades). A local administrator cannot create manual rules to override pre local rules configured by the SMP administrator.
Note - The gateway local administrator can edit only the manual rules. Pre/post local rules are locked.
Pre/post local rules are managed by Cloud Services. When you turn off Cloud Services, the pre/post local rules are deleted.

So if there is no higher SMP Administrator account available, I would suggest contacting TAC.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Attiq786
Participant

@G_W_Albrecht Thanks for the reply.

I have contacted TAC and, as usual, they advise upgrading the firmware.

I read the manual and found the same statement about turning off Cloud Services. I did that, but it did not help.

Thanks for your help.

G_W_Albrecht
Legend

I would do a reset to factory defaults, keeping the firmware version (after creating a backup file and removing it from SMP), and connect to SMP again. Upgrading to R80.20.20 (992001869) as suggested by CP is a good idea, but I think it will not resolve the issue 😎

Attiq786
Participant

Thanks. This seems a better option.

G_W_Albrecht
Legend

Did you try that yet?

Attiq786
Participant

Hi @G_W_Albrecht

CP advised installing an EA firmware, which I refused to do on a production environment. After escalation, they have advised deleting the device from SMP and adding it again, as these rules were nowhere to be seen on SMP.

Doing that today. Will update if successful.

Attiq786
Participant

We tried to replace the firewall again and, without doing any of the suggested actions, I tried to remove the rules but I could not. Strangely, though, I could disable them, which sorted the issue.

Did not have to disconnect from the cloud. Not sure what happened.

G_W_Albrecht
Legend

Not understandable to me, but glad it works now!
