Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 27 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 21945 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Specific sites slow after upgrade to 17.5.8 MR8

Josh Rogalski

We have a Sophos XG 450 rev2.  About a week and a half ago we updated to 17.5.8 MR8 and since then certain web apps we use have been experiencing intermittent slowness.  Didn't notice it until after the update but can't guarantee it is related.  I opened a case with Sophos support but they are having trouble pin pointing the issue.  Issue seems to happen specifically to web apps where you login, or where you submit or read data from a database (Sophos support portal had the issue for example when submitting the ticket).

 

Curious if anyone else with a XG 450 on the same version has seen this issue.  Tried rebooting, also tried shutting off certain services like IPS/IDS but didn't seem to help at all. Affecting our students greatly, while support investigates, does anyone have any suggestions?



This thread was automatically locked due to age.
Parents
  • 0

    I realize this has been quite some time since I replied back, but wanted to share what we found in case anyone else comes across this.  After some work with the Community and with support we discovered that almost all of our Firewall rules were set with the Primary Gateway being "WAN Link load balance".  I noticed that if I changed this setting to be the gateway for the WAN port instead the problem vanished instantly.  It appears that we were trying to load balance our connections even though we only had one outbound gateway.  It was like it was load balancing between the outbound and inbound gateways. 

    If you find yourself with connections that sometimes work and sometimes don't, especially in stateful web apps I would check your "Primary Gateway" setting and make sure it isn't WAN link load balancer, unless you are doing multiple WAN links.  *(This setting exists in the actual firewall rule in version 17 but I think has been put into it's own section in version 18)

     

Reply
  • 0

    I realize this has been quite some time since I replied back, but wanted to share what we found in case anyone else comes across this.  After some work with the Community and with support we discovered that almost all of our Firewall rules were set with the Primary Gateway being "WAN Link load balance".  I noticed that if I changed this setting to be the gateway for the WAN port instead the problem vanished instantly.  It appears that we were trying to load balance our connections even though we only had one outbound gateway.  It was like it was load balancing between the outbound and inbound gateways. 

    If you find yourself with connections that sometimes work and sometimes don't, especially in stateful web apps I would check your "Primary Gateway" setting and make sure it isn't WAN link load balancer, unless you are doing multiple WAN links.  *(This setting exists in the actual firewall rule in version 17 but I think has been put into it's own section in version 18)

     

Children
No Data