Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 14 replies
  • Subscribers 30 subscribers
  • Views 6973 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall Rule Changes disconnect all traffic

IT-Support-247

Hi,

When I make a change to an (unrelated) firewall rule, particularly a WAF rule, the firewall will disconnect all sessions for all rules/sites for a few seconds. This happens for all of our hosted websites.

For example:

1. Make a change to Website Rule A

2. Users report being disconnected/404 errors on Website B, C or D

Hitting refresh again solves the issue, but this isn't great when I want to test and tinker with some other rules and websites that we use.

Is this by design? We also use Sonicwalls that do not cause this problem when we change rules.

Even if I make a change to Web Protection Policies, is disconnects everybody for a few seconds upon saving the policy/rule.

Really frustrated :(



This thread was automatically locked due to age.
Parents
  • 0

    We are having this issue on SG650 devices. Very low CPU/Memory usage.

     

    We have 30-40 WAF rules. If we make a change to any of them, users report being disconnected to sites published in other rules.

     

    It also takes at least a minute to save a WAF policy, just seems to hang forever. Whereas a network type rule is instant

     

    Is this expected behaviour or a bug?

  • 0 in reply to David Mace

    Hi David

     

    Thanks for reviving this post. It's still an issue now, but I've learn to live with it.

    Apparently this issue occurs because changing WAF rules forces the Apache service to restart.

    Not sure if there will ever be a way around it.

    I'm starting to look at other UTM vendors going forward and I'm not certain I will stick with Sophos when our licensing expires.

  • 0 in reply to IT-Support-247

    Hi  and  

    Sorry for the inconvenience caused! Could you please let me know, are you using Sophos XG firewall or Sophos IUTM 9 and facing this issue?

    I would request you to contact technical support and open a service request to investigate the issue further, please PM us the service request number.

Reply Children