AimanHakim Lv2Posted 05 Mar 2024 20:53
  
Hi, is it possible to show these requirements.

1.  Show your network interface status like which port is used for WAN/LAN? You can blur the ip for safety.
2. The status of CPU and RAM on dashboard.

I'm not an expert but we'll work something out
Enrico Vanzetto Lv4Posted 05 Mar 2024 23:32
  
Hi, as i see in previous answers it's not a licence issue. have you double check that the interface you want to use has to be up and active? Please, in order to understand better your scenario, explain your network scenario (interfaces used, ip address NGAF, NGAF software version).Have you already tried to factory reset the device?Do you have already update Sangofr NGAF to latest version?

If you need to perform a factory reset on your Sangfor NGAF (Next-Generation Application Firewall), follow these steps:

WebUI Method:
Log in to the WebUI of your NGAF.
Navigate to Maintenance > Backup/Restore.
Click on Restore Factory Default.
Sangfor Firmware Updater Method:
Download the Sangfor Firmware Updater and install it on a PC.
Connect the PC directly to the NGAF port.
Launch the updater and search for the NGAF’s IP address.
Verify that the inserted IP matches the correct one.
If there’s a discrepancy, it might be a user input error.
If needed, reach out to Sangfor’s technical support for further investigation.
Resetting Admin Password:
If you’ve forgotten the admin password or it has been changed by someone:
Create an empty text file named reset-password.txt or copy the existing reset-password.txt file to the root directory of a USB drive.
Insert the USB drive into the NGAF device.
Restart the NGAF device.
When the device can normally log in to the WebUI, remove the USB drive.
Check the results in the reset-password.log file on the USB drive:
If the recovery is successful, record the restored console password.
Otherwise, the log will indicate recovery failure.
Notes:
The reset-password.txt file can be created directly on a Windows system.
Ensure the file is in the root directory of the USB drive.
The USB drive can have a single or multiple partitions. For a single partition, the format must be FAT32. For multi-partition drives, the text file should be in the first partition, which must also be formatted as FAT32.

Instead,to update your Sangfor NGAF (Next-Generation Application Firewall), here are the steps you can follow:

Check Firmware Upgrade Path:
Visit the Sangfor self-service portal.
Navigate to the download section and select NGAF.
Download the latest version of NGAF (e.g., version 8.0.47).
Download Sangfor Updater:
From the same download menu, select tools.
Download the Sangfor Updater.
Prepare for Firmware Update:
Log in to the NGAF management interface.
Make sure the port required for firmware updates is available.
Update the Firmware:
Use the downloaded Sangfor Updater to perform the firmware update.
pmateus Lv2Posted 06 Mar 2024 00:36
  
Hi,
Check if you have have the wan interfaces configured and Enable VPN Service ?
Newbie676529 Lv1Posted 06 Mar 2024 12:17
  
Last edited by Newbie676529 06 Mar 2024 12:36.

Last edited by Newbie676529 06 Mar 2024 12:28.

Hi,
Check if you have have the wan interfaces:
-  Enable VPN Service - Yes
- Internet works  and set Next-Hop IP
- License 10 use 0
- There is no new version 8.0.47
- My scheme in Knowledge Base"SANGFOR_NGAF_v8.0.47_IPSec VPN Active and Standby Configuration guide"

VPN07.JPG (52.71 KB, Downloads: 159)

VPN07.JPG

Vpn08.JPG (38.26 KB, Downloads: 153)

Vpn08.JPG
Farina Ahmed Lv5Posted 06 Mar 2024 15:29
  
If the interfaces are properly configured and still inactive in the VPN Paths section, consider checking for any configuration errors or conflicts that might prevent their selection. Ensure that the license limitations are not exceeded, particularly in terms of the allowed number of VPN paths.
Newbie676529 Lv1Posted 06 Mar 2024 18:45
  
The problem is High Availability (HA).
Turned off physically Active.
In Passive, the Add+ button has become active.
But without Active it does not allow you to make changes to the settings.
Newbie676529 Lv1Posted 06 Mar 2024 19:36
  
Solution:
Lower the priority of Active in the cluster to 20.
In passive, make it active - Preemption: ON.
Add "VPN Paths".
Then return the cluster to its original active - passive state.
Prosi Lv3Posted 06 Mar 2024 21:29
  
Please input the correct Gateway ID and verify if the device has a license because you can't activate it if no license have been bought.
Tayyab0101 Lv2Posted 07 Mar 2024 15:11
  
i believe you should have your solution by now.
Newbie676529 Lv1Posted 07 Mar 2024 15:58
  
Topic - Close

Swap active – passive. Add "VPN Paths". Then return the cluster to its original active – passive state.
There are no problems with the license.

I Can Help:

Change

Moderator on This Board

11
7
5

Started Topics

Followers

Follow

1
3
5

Started Topics

Followers

Follow

0
4
5

Started Topics

Followers

Follow

67
20
3

Started Topics

Followers

Follow

3
14
3

Started Topics

Followers

Follow

1
137
3

Started Topics

Followers

Follow

Board Leaders