Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 29 subscribers
  • Views 6326 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SFOS 17.1.3 MR-3 HTTPS sessions are freezing.

Maxim Grechikhin

Hi all!

Recently we got "XG 135 w" with subj firmware. After I configured all necessary policies and rules I performed a test launch by switching a couple of live users from old Cisco firewall to this new one.

Our users work with cloud CRM via HTTPS protocol and all switched users noticed that after a time webpage of CRM freezes and it is impossible to refresh it. Users had to relogin into CRM.

From my side I noticed the same with online radio app (PCradio) which works fine through Cisco firewall but hiccups and freezes while using Sophos.

Any ideas how to overcome this disappointment?

I didn't check the workflow with previous (recommended) firmware because it does not allow to restore the configuration made under newer one and there are a lot of settings to reproduce them again manually.



This thread was automatically locked due to age.
Parents
  • 0

    Hi Maxim, 

    Make sure you have imported the Sophos SSL CA in the user systems root certificate directory. Refer to, https://community.sophos.com/kb/en-us/123048. If this is ok, and HTTPS scanning is the problem, then create exception for URLs associated to the CRM. 

    For advance troubleshooting, referencing my TS guide; check #1.1 and find the firewall rule ID that forwards the traffic. Then, check #1.2 and see if any defined filter policies within the firewall rule, drops the any related packets.

    Finally, check #4, #4.1 and #4.2, after verifying all the troubleshooting information, let me know the result and the glimpse of all the steps you performed. 

    Thanks, 

  • 0 in reply to sachingurung

    Hi Sachin,

    Today I tested firmware versions:

    SFOS 17.1.2 MR-2

    SFOS 16.05.9 MR-9

    and with minimum of configurations: (WiFi, Remote Access L2TP VPN, RADIUS auth, Single Sign On Client, and 1 firewall rule with user matching)

    The subj issue appears in all versions of firmware (.

     

    I've captured a log of dropped packets after event of which my PCRADIO translation frozen for a few seconds.

    https://we.tl/t-aApFSUE1lL

    Will appreciate any ideas how to overcome the issue except refunding Sophos appliance and 3yr subscription.

Reply
  • 0 in reply to sachingurung

    Hi Sachin,

    Today I tested firmware versions:

    SFOS 17.1.2 MR-2

    SFOS 16.05.9 MR-9

    and with minimum of configurations: (WiFi, Remote Access L2TP VPN, RADIUS auth, Single Sign On Client, and 1 firewall rule with user matching)

    The subj issue appears in all versions of firmware (.

     

    I've captured a log of dropped packets after event of which my PCRADIO translation frozen for a few seconds.

    https://we.tl/t-aApFSUE1lL

    Will appreciate any ideas how to overcome the issue except refunding Sophos appliance and 3yr subscription.

Children