Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 15 replies
  • Subscribers 30 subscribers
  • Views 3564 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

XG in VMware : Request Timed Out for ping after long pause..

huud

Hi,

I installed the XG in VMware and resumed the XG VM from a pause of about 1-2 hours and now the firewall is unreachable, and the devices cannot ping the interfaces either but devices in the same network can ping each other.

The Sophos console cannot ping its interfaces either.

It only came to work after a restart, and this is not the first time I'm noticing this, will go through the settings to see if there's anything.

Is there any timeout or inactivity setting ?

Thanks.



This thread was automatically locked due to age.
  • 0 in reply to LuCar Toni

    I'll test the v18 and see.

    As for date and time they are from an NTP server.

  • 0 in reply to huud

    As we do not take about vmware workstation, instead ESXi, i would suggest to take a look at the Vmware Database. Maybe there is an issue about this problem. 

    I know in fact, that in the latest vmware workstation, there is a problem about the VMware NAT adapter, which simply drops all traffic until you restart the host service. Maybe there is a similar issue with your setup. 

    If you could recreate this issue and perform a tcpdump on XG, you could see, if the packets actually arrives at your Interface or not. 

  • 0 in reply to LuCar Toni

    Thanks for pointing those 2 out.

    I'll go through vmware database and Sophos dump as well.

    Appreciate your help, thanks a lot.

  • 0 in reply to huud

    Hi huud,

    what does the screenshot of the logs mean in relation to the initial ping problem?

    Normal TCP Connections should time out after a while. If the firewall is suspended for a while the connections will time out ...


    This does not explain the ping issue, though.


    Possibly it helps to clear the arp table of the client and/or the switch.


    I'd always make an explicit deny rule at the end of the firewall rules. This schould contain all zones (and not the zone any). It is not the same as having no deny rule at all .... 

  • +2 in reply to huud

    Hi  

    The Sophos XG whether its Home edition or paid for version, does not support pausing of the VM or snapshot.

    This is true for all versions of the XG for now.  There are plans to change this in future versions of the SFOS OS.

    Your best option going forward now, is a rebuild and restore from backup if you have.  Please ensure you disable snapshots and any other backup technologies running on the VM for this guest.  You must use the XG's builtin backup option.

    Thanks!