Device Reboot bricks Zyxel USG FLEX / ATP Series Firewalls (March 2022)

[German]The manufacturer Zyxel seems to have a problem with Zyxel USG FLEX / ATP Series Firewalls. With a certain firmware, the Zyxel USG FLEX / ATP Series Firewall can no longer boot successfully and hangs. The manufacturer warns about the configuration and is working on a firmware update that fixes this problem.


Advertising

Blog  reader Mario pointed out the device reboot issue on Zyxel USG FLEX / ATP Series firewalls with the latest firmware in this comment (thanks for that). From Zyxel there is a support article USG FLEX / ATP Series – Device Reboot cause my device can´t boot up successfully (Sys blinking) – Recover SOP! from March 14, 2022. In it, Zyxel confirms that it is aware of an unexpected behavior that causes some of the company's firewall products to fail to boot up successfully under certain conditions.

Affected: Firewall ATP and USG FLEX series

Firewall devices in the ATP series and USG FLEX series are affected. An affected device fails to boot up successfully. The firewall firmware hangs during startup and cannot stop the SYS LED from flashing. The LED continues to flash continuously. However, the following conditions must be met for the error to occur:

  • The device type is ATP or USG FLEX
  • The device has an active UTM/security license
  • The device is using an IDP or App Patrol license
  • The device is in on-premise or Nebula on-cloud mode
  • The device has been rebooted

Because the problem of the hanging firmware only occurs after the reboot. So as long as the firewall is not rebooted, it should continue to work. Zyxel is working on a firmware update for all customers who have not yet rebooted the device. The manufacturer expects the new firmware to be ready early this week and plans to send customers with information about 5.21 Patch 1 via the MyZyxel newsletter.

Customers who have enabled features such as "Auto Reboot" / "Schedule Reboot" are strongly recommended by the manufacturer to disable this feature until the firmware 5.21 Patch 1 is ready and can be updated.

A workaround

For customers whose firewall hangs in boot mode, Zyxel recommends performing the procedure described in the support article to bring the firewall appliance back to life via recovery.  


Advertising

ATP-Serie und USG FLEX-Serie Recover


Advertising

This entry was posted in devices, issue and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).