Operational Defect Database
BugZero found this defect 2112 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA10H000000g3OmSAI
Cannot connect to Firebox immediately after Fireware OS upgrade
Last update date:
1/26/2022
Affected products:
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
Affected releases:
All
Fireware
12.x
12.1.x
12.1
12.1.1
12.1.3
12.2.x
Fixed releases:
All
Description:
Issue
If you have just upgraded the Fireware OS version on your Firebox and find that you cannot connect to manage the Firebox with Fireware Web UI or WatchGuard System Manager, it could be a problem that occurs that causes the Firebox web server certificates to be deleted during the upgrade process. To confirm that this is the issue, connect to your Firebox with the CLI (command line interface), and use the diagnose command to verify if the nginx process is active. If the nginx process is active, the output of the diagnose command will have a line item similar to this below the Process list header: 1916 S 0.00 27544 4288 2568 Fri Jul 6 00:32:11 2018 0:00.03 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.c If you do not see this line item in the process list, your Firebox web server certificates may have been deleted. If you cannot connect to the Firebox with the CLI, you are likely experiencing a different issue. To learn more about the command line interface, see Fireware Command Line Interface Reference
Workaround/Solution
If you can connect with the CLI to confirm the nginx process has failed, you can use these steps to resolve this issue: In the CLI, use the configure command to enable the configuration command mode.Use this command to generate a new Firebox web server certificate: web-server-cert custom temp temp_o temp_ouUse the reboot command to stop and restart the Firebox. You should now be able to connect to the Firebox with Fireware Web UI or WatchGuard System Manager. If you use a signed certificate for your Firebox, you must upload it to the Firebox again. If you use a custom self-signed certificate, you must generate a new one. If you cannot use the command line interface to confirm the issue, the best solution is to reset the Firebox to its factory-default settings, and: Save your configuration file back to the Firebox; orRestore the backup file you created before you upgraded Fireware
