I have been using the Sophos XG home license at home for over 8 months. I got it initially because I was planning on getting an XG 310 at work and since have.
Starting about 6 months ago I have been getting repeated notices from my ISP (Comcast) that I am about to go over my 1tb bandwidth for the month. Only thing I seem to be able to find is WAN download traffic on the System Graphs with no internal traffic to match. No reports show the traffic.
After about 3 months of off and on troubleshooting that couldn't repeat the issue I gave up. 2-3 months ago just before we bought the unit for work I stayed home all day to try and tackle this as I didn't want to have this issue at work. By the end of the day I figured out what I was doing right as the issue started each time. I was streaming off of one of my Amazon fire sticks. I finally figured out the cause and can repeat it any time I want. (ps I have 2 fire sticks that I can do this with.)
Now that I know the cause I have done tons of googling and log reviews but I can't seem to figure this one out.
One item I find very weird. If I unplug the fire stick and plug it in then no more WAN usage until a video stream is started. If I block the device for a few minutes the traffic stops but starts again once the block is removed.
Hope someone out there has a thought on what this could be.
Items tried:
- FW OS reinstall
- UniFi switch/APs resetup from scratch
- AV,IPS,filtering on or off and various different setting over the months.
- All FW updates applied as soon as I saw them.
- Replaced FW dual nic with supported Intel instead of non Intel (forgot the model)
This thread was automatically locked due to age.
