NAT/2/hwVSUServiceFaultAlarm_active

Message

NAT/2/hwVSUServiceFaultAlarm_active: VSU service fault alarm. (FaultCode=[FaultCode], FaultKey=[FaultKey], ReasonDescription=[ReasonDescription], BoardName=[BoardName], Cpu=[Cpu])

This log is supported only on NetEngine 8000 F1A.

In VS mode, this log is supported only by the admin VS.

Description

VSU service has failed.

Parameters

Parameter Name       Parameter Meaning

FaultCode            Fault Code.
FaultKey             Fault Key.
ReasonDescription    Reason Description.
BoardName            Name of an installed board.
Cpu                  CPU ID of the service board.

Possible Causes

  • Cause 1: A port of the CGN public IP address is being attacked.
  • Cause 2: A CGN public IP address is being attacked.
  • Cause 4: A great number of centralized NAT users failed to get online.
  • Cause 5: An attack initiated using forward first packets was detected.
  • Cause 6: CGN ALG FTP session resources were used up.
  • Cause 7: CGN ALG RTSP session resources were used up.
  • Cause 8: CGN ALG SIP session resources were used up.
  • Cause 9: CGN ALG PPTP session resources were used up.
  • Cause 10: CGN ALG TOTAL session resources were used up.
  • Cause 11: CGN ALG SIP user resources were used up.
  • Cause 12: Failed to create a large number of NAT sessions due to lack of NAT session license resources.

Procedure

  • Cause 1: A port of the CGN public IP address is being attacked.

    1. Obtain the IP address and VPN information from the log message. Run the nat flow-defend reverse-blacklist lock-ip-address manual-unlock command in the system view. In addition, configure rules on the network-side device to filter out attack traffic, based on the traffic characteristics determined from the BlacklistKey carried in the log information. This method helps eliminate the impact of attack traffic on the forwarding performance of the CGN service board.

    • If the clear log is generated and attack traffic disappears for hours, go to Step 3.
    • If the log persists, go to Step 2.

    2. Run the reset nat flow-defend reverse-blacklist lock-ip-address command in the system view. In addition, configure rules for filtering out attack traffic on the network-side device.

    3. Collect alarm information, log information and configuration information, and then contact technical support personnel.

  • Cause 2: A CGN public IP address is being attacked.

    1. Obtain the IP address and VPN information from the log message. Run the nat flow-defend reverse-blacklist lock-ip-address manual-unlock command in the system view. In addition, configure rules on the network-side device to filter out attack traffic, based on the traffic characteristics determined from the BlacklistKey carried in the log information. This method helps eliminate the impact of attack traffic on the forwarding performance of the CGN service board.

    • If the clear log is generated and attack traffic disappears for hours, go to Step 3.
    • If the log persists, go to Step 2.

    2. Run the reset nat flow-defend reverse-blacklist lock-ip-address command in the system view. In addition, configure rules for filtering out attack traffic on the network-side device.

    3. Collect alarm information, log information and configuration information, and then contact technical support personnel.

  • Cause 4: A great number of centralized NAT users failed to get online.

    1. Run the display nat statistics discard command to check the causes of packet loss, for example, whether the problem is caused by insufficient resources.

    2. One minute after the failure is rectified according to the cause, the alarm will be cleared. If the alarm persists, go to Step 3.

    3. Collect alarm, log, and configuration information and contact technical support engineers.

  • Cause 5: An attack initiated using forward first packets was detected.

    Collect alarm information, log information and configuration information, and then contact technical support personnel.

  • Cause 6: CGN ALG FTP session resources were used up.

    Collect alarm information, log information and configuration information, and then contact technical support personnel.

  • Cause 7: CGN ALG RTSP session resources were used up.

    Collect alarm information, log information and configuration information, and then contact technical support personnel.

  • Cause 8: CGN ALG SIP session resources were used up.

    Collect alarm information, log information and configuration information, and then contact technical support personnel.

  • Cause 9: CGN ALG PPTP session resources were used up.

    Collect alarm information, log information and configuration information, and then contact technical support personnel.

  • Cause 10: CGN ALG TOTAL session resources were used up.

    Collect alarm information, log information and configuration information, and then contact technical support personnel.

  • Cause 11: CGN ALG SIP user resources were used up.

    Collect alarm information, log information and configuration information, and then contact technical support personnel.

  • Cause 12: Failed to create a large number of NAT sessions due to lack of NAT session license resources.

    Update the NAT session license of the device.
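
The following added example (not Huawei code) shows how a log collector could parse this alarm and route it to the matching procedure above. It assumes that ReasonDescription repeats the cause text listed under Possible Causes; the host name, FaultCode, FaultKey, BoardName and Cpu values in the sample lines are constructed.

```python
import re

# Message body as documented on this page; any syslog header before it is ignored.
ALARM_RE = re.compile(
    r"NAT/2/hwVSUServiceFaultAlarm_active: VSU service fault alarm\. \((?P<body>.*)\)\s*$")
FIELDS = ("FaultCode", "FaultKey", "ReasonDescription", "BoardName", "Cpu")
# Split only at the five documented names so commas inside a value are preserved.
FIELD_RE = re.compile(r"(?:^|, )(%s)=" % "|".join(FIELDS))
COLLECT = "collect alarm, log and configuration information; contact technical support"
# Assumption: ReasonDescription carries the cause text from "Possible Causes".
# Each entry: (lower-case substring, category, first action from "Procedure").
TRIAGE = (
    ("public ip", "attack", "run nat flow-defend reverse-blacklist lock-ip-address manual-unlock"),
    ("forward first packets", "attack", COLLECT),
    ("failed to get online", "user-online-failure", "run display nat statistics discard"),
    ("cgn alg", "alg-resource-exhaustion", COLLECT),
    ("license", "license-exhaustion", "update the NAT session license"),
)
# Constructed sample lines (all field values are placeholders).
_P = "R1 NAT/2/hwVSUServiceFaultAlarm_active: VSU service fault alarm. "
SAMPLES = (
    _P + "(FaultCode=1, FaultKey=key-a, ReasonDescription=A CGN public ip is being attacked., BoardName=board-a, Cpu=0)",
    _P + "(FaultCode=2, FaultKey=key-b, ReasonDescription=CGN ALG SIP session resources were used up., BoardName=board-a, Cpu=1)",
)

def parse_alarm(line):
    """Return the five alarm fields as a dict, or None if the line is not this alarm."""
    m = ALARM_RE.search(line)
    if not m:
        return None
    body = m.group("body")
    marks = list(FIELD_RE.finditer(body))
    fields = {}
    for i, mk in enumerate(marks):
        end = marks[i + 1].start() if i + 1 < len(marks) else len(body)
        fields[mk.group(1)] = body[mk.end():end]
    # Reject lines that lack any documented field rather than guessing.
    return fields if set(fields) == set(FIELDS) else None

def triage(fields):
    """Map a parsed alarm to (category, first action) using the cause text."""
    reason = fields["ReasonDescription"].lower()
    for needle, category, action in TRIAGE:
        if needle in reason:
            return category, action
    return "unknown", COLLECT

if __name__ == "__main__":
    for line in SAMPLES:
        f = parse_alarm(line)
        print(f["BoardName"], f["Cpu"], *triage(f), sep=" | ")
```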

Copyright © Huawei Technologies Co., Ltd.