Hi everyone,
Please help... :(
I have a Sophos XG 115w firewall deployed at a customer's office. We've received calls from our customer complaining that they lose network to all local machines (servers, printers etc) and to the internet. The first this was reported was Friday 11:30hrs and the first time this happened, I went to site and restarted the firewall. All interfaces and services came back up and all was well until today! Got another call from the same customer complaining about the same thing. This time, I delayed a bit going to site and found the device working when I got there, without a reboot. According to the system graphs, interfaces went down from around 12:00hrs (noon time) and came back at around 1420hrs. I think they noticed that services were down at around 1330hrs as that's when I received the call.
Port1 is my LAN interface, which is bridged with my Wifi and notice some traffic showing up just after 1420hrs. By the way, this behavior shows on all physical interfaces, of which all are WAN interfaces with failovers and load balancing. All my users are connected via Wifi and servers and printers are connected via cable. The appliance is also my router, DNS and DHCP server and I have an unmanaged switch connected my cabled machines. One thing that I did notice was that the Sophos appliance felt hot to the touch. Certain areas of it's chassis felt way too hot to hold down for more than 5 seconds. So I shut it down, allowed it to cool off and moved to a more spacious and well ventilated area. Can excessive heat cause such a thing? Is there anything I can try out to sort this out?
My cpu usage ranges between 50 - 60% and I have about 20 - 22 users live users connected at most times. I am very new to Sophos and I am not familiar with extracting detailed logs via the advanced shell so some guidance in this area is much appreciated.
Your help is much appreciated!
Thanks
This thread was automatically locked due to age.
