Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 10 replies
  • Answers 1 answer
  • Subscribers 30 subscribers
  • Views 4043 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Internet outage every xx minutes

helmut willems

Hello

 

i'm new in the company and they have here installed 2 XG firewalls( HA )

 

Every XX minute there is a internet outage for the whole site , and after 30 -60 seconds internet is back , this repeats every time.

 

What i already see and tested 

If i ping google.com - t   before  the outage then it resolve the ip addres and have correct ping's

If i ping google.com -t  when there is a outage , it resolve the ip address but have time outs on the ping , when the internet come's back then i have correct pings

 

Also strange thing : if there is a internet outage on a  TS session , then it is possible that on the local machine there is no outage

It's never the whole site in once , but the most works on a TS-server so all the people who work on this machine have on the same time this problem.

 

The company who delivers the firewall can't also find the problem ( they told they take contact with sophos) and the situation like this is already more then a Year.

 

Someone a  idea where the problem could be ??



This thread was automatically locked due to age.
Parents
  • 0

    Hello

     

     

    i looked at MTU = this is on 1500

     

    Checked the Drop packet in console , there i see some drop packet to the 10.x.x.x host

    but don't know if this is correct

     

    if there is a outage i can always reach the firewall on Lan side

  • 0 in reply to helmut willems

    So 

     

    When i do :  show network interfaces  in  console

     

    i see on PORT 1  RX State : 10264 packets dropped.

     

    Can this be something ?

     

  • 0 in reply to helmut willems

    Hi  

    If it is getting increased gradually this could be one of the possible reason.

    To fix it you may change the cable or remote end switch port or setting up the speed manually on both the end etc.

  • 0 in reply to Vishal_R

    also when i do

    drop-packet-capture interface Port1 

    i see lots of drop packets but als ip addresses who call ip on other subnet (who don't exist at the campus)

     

    2019-12-02 15:09:41 0544021 IP 10.0.0.213.61400 > 192.168.1.16.55855 : proto UDP: packet len: 60 checksum : 905
    0x0000: 4500 0050 81c4 0000 8011 ec4b 0a00 00d5 E..P.......K....
    0x0010: c0a8 0110 efd8 da2f 003c 0389 6000 0000 ......./.<..`...
    0x0020: 0000 3b15 2001 0000 2851 7ae4 287e 1027 ..;.....(Qz.(~.'
    0x0030: ab38 f845 2001 0000 2851 7ae4 28c8 25d0 .8.E....(Qz.(.%.
    0x0040: 9277 1664 0104 e738 82fb 0404 0100 0000 .w.d...8........
    Date=2019-12-02 Time=15:09:41 log_id=0544021 log_type=Content_Filter log_component=Application_Filter log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=Port1 out_dev= inzone_id=1 outzone_id=2 source_mac=f4:d1:08:59:a4:25 dest_mac=00:e0:20:11:0a:36 l3_protocol=IP source_ip=10.0.0.213 dest_ip=192.168.1.16 l4_protocol=UDP source_port=61400 dest_port=55855 fw_rule_id=1 policytype=1 live_userid=10556 userid=136 user_gp=11 ips_id=1 sslvpn_id=0 web_filter_id=4 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 proxy_flags=0 icap_id=0 app_filter_id=7 app_category_id=7 app_id=50 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=1 cluster_node=0 inmark=0x0 nfqueue=253 scanflags=88 gateway_offset=1 max_session_bytes=0 drop_fix=0 ctflags=33554698 connid=1555927344 masterid=0 status=264 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

    2019-12-02 15:09:41 0544021 IP 10.0.0.213.61400 > 109.136.233.155.55855 : proto UDP: packet len: 60 checksum : 28189
    0x0000: 4500 0050 8bf7 0000 8011 4cad 0a00 00d5 E..P......L.....
    0x0010: 6d88 e99b efd8 da2f 003c 6e1d 6000 0000 m....../.<n.`...
    0x0020: 0000 3b15 2001 0000 2851 7ae4 287e 1027 ..;.....(Qz.(~.'
    0x0030: ab38 f845 2001 0000 2851 7ae4 28c8 25d0 .8.E....(Qz.(.%.
    0x0040: 9277 1664 0104 e738 82fb 0404 0100 0000 .w.d...8........
    Date=2019-12-02 Time=15:09:41 log_id=0544021 log_type=Content_Filter log_component=Application_Filter log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=Port1 out_dev= inzone_id=1 outzone_id=2 source_mac=f4:d1:08:59:a4:25 dest_mac=00:e0:20:11:0a:36 l3_protocol=IP source_ip=10.0.0.213 dest_ip=109.136.233.155 l4_protocol=UDP source_port=61400 dest_port=55855 fw_rule_id=1 policytype=1 live_userid=10556 userid=136 user_gp=11 ips_id=1 sslvpn_id=0 web_filter_id=4 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 proxy_flags=0 icap_id=0 app_filter_id=7 app_category_id=7 app_id=50 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=1 cluster_node=0 inmark=0x0 nfqueue=253 scanflags=88 gateway_offset=1 max_session_bytes=0 drop_fix=0 ctflags=33554698 connid=1998453632 masterid=0 status=264 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

Reply
  • 0 in reply to Vishal_R

    also when i do

    drop-packet-capture interface Port1 

    i see lots of drop packets but als ip addresses who call ip on other subnet (who don't exist at the campus)

     

    2019-12-02 15:09:41 0544021 IP 10.0.0.213.61400 > 192.168.1.16.55855 : proto UDP: packet len: 60 checksum : 905
    0x0000: 4500 0050 81c4 0000 8011 ec4b 0a00 00d5 E..P.......K....
    0x0010: c0a8 0110 efd8 da2f 003c 0389 6000 0000 ......./.<..`...
    0x0020: 0000 3b15 2001 0000 2851 7ae4 287e 1027 ..;.....(Qz.(~.'
    0x0030: ab38 f845 2001 0000 2851 7ae4 28c8 25d0 .8.E....(Qz.(.%.
    0x0040: 9277 1664 0104 e738 82fb 0404 0100 0000 .w.d...8........
    Date=2019-12-02 Time=15:09:41 log_id=0544021 log_type=Content_Filter log_component=Application_Filter log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=Port1 out_dev= inzone_id=1 outzone_id=2 source_mac=f4:d1:08:59:a4:25 dest_mac=00:e0:20:11:0a:36 l3_protocol=IP source_ip=10.0.0.213 dest_ip=192.168.1.16 l4_protocol=UDP source_port=61400 dest_port=55855 fw_rule_id=1 policytype=1 live_userid=10556 userid=136 user_gp=11 ips_id=1 sslvpn_id=0 web_filter_id=4 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 proxy_flags=0 icap_id=0 app_filter_id=7 app_category_id=7 app_id=50 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=1 cluster_node=0 inmark=0x0 nfqueue=253 scanflags=88 gateway_offset=1 max_session_bytes=0 drop_fix=0 ctflags=33554698 connid=1555927344 masterid=0 status=264 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

    2019-12-02 15:09:41 0544021 IP 10.0.0.213.61400 > 109.136.233.155.55855 : proto UDP: packet len: 60 checksum : 28189
    0x0000: 4500 0050 8bf7 0000 8011 4cad 0a00 00d5 E..P......L.....
    0x0010: 6d88 e99b efd8 da2f 003c 6e1d 6000 0000 m....../.<n.`...
    0x0020: 0000 3b15 2001 0000 2851 7ae4 287e 1027 ..;.....(Qz.(~.'
    0x0030: ab38 f845 2001 0000 2851 7ae4 28c8 25d0 .8.E....(Qz.(.%.
    0x0040: 9277 1664 0104 e738 82fb 0404 0100 0000 .w.d...8........
    Date=2019-12-02 Time=15:09:41 log_id=0544021 log_type=Content_Filter log_component=Application_Filter log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=Port1 out_dev= inzone_id=1 outzone_id=2 source_mac=f4:d1:08:59:a4:25 dest_mac=00:e0:20:11:0a:36 l3_protocol=IP source_ip=10.0.0.213 dest_ip=109.136.233.155 l4_protocol=UDP source_port=61400 dest_port=55855 fw_rule_id=1 policytype=1 live_userid=10556 userid=136 user_gp=11 ips_id=1 sslvpn_id=0 web_filter_id=4 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 proxy_flags=0 icap_id=0 app_filter_id=7 app_category_id=7 app_id=50 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=1 cluster_node=0 inmark=0x0 nfqueue=253 scanflags=88 gateway_offset=1 max_session_bytes=0 drop_fix=0 ctflags=33554698 connid=1998453632 masterid=0 status=264 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

Children
No Data