Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 13 replies
  • Answers 1 answer
  • Subscribers 30 subscribers
  • Views 4202 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

I am using XG v18 and getting intemittent connection drops - how to find the root cause.

Samy Wee

I have a simple home setup using V18. (WAN to LAN with IPS and web-filtering) Seems to work fine, except few times a day I loose connection to internet for 20-30 seconds (about 10 consecutive ping drops if I leave a ping running). I know my internet on WAN is not dropping as I have a device on wan which do not drop pings or loose connection. 

Need some help in trouble shooting. I suspect may be IPS or blocking kicking into block all of my outgoing traffic for few seconds. What logs to look for. need some help please. Do we have a troubleshooting guide for this type of drops. Do we have a troubleshooting guide?

Thank you,

- Sam



This thread was automatically locked due to age.
Parents
  • 0

    Hello Samy,

    Thank you for contacting the Sophos Community.

    Please connect to the XG following this KB (https://community.sophos.com/kb/en-us/133678)

    Once in there press number 4 to land in the console and run the following command:

    console > drop-packet-capture 'host X.X.X.X and host 8.8.8.8' (Modify the X.X.X.X to be the Private IP of the computer where you are running the Ping)

    If the XG is dropping  the traffic you will see something there.

    You can also check at the time the issue happens the fwlog.log

    In a new Putty session/window now go 5>3 then type cd /log and press enter

    then you can type less # less fwlog.log (ctrl + g takes you to the last line) and check the time when the issue happens

    Additionally, to this, I would also recommend you to leave or run a conntrack when the issue is happening

    #conntrack -E -s X.X.X.X 

    Check for unreplied packets.

    And finally, check the IPS.log for anything the XG might be dropping at that time, and also when the issue is happening confirm if the XG can ping 8.8.8.8

    Regards,

  • 0 in reply to emmosophos

    Hello emmosophos,

     

    Thank you for the reply. I still keep getting the drops, how ever it is difficult to catch the drops using 'drop-packet-capture' console command as the ssh time-outs much quickly. Still I will try to catch a drop, by keeping an eye. (This happens few times a day, and at that time, ssh has timed out and don't have any output so far). 

     

    STAT was enabled, but not used as far as I understand in my config (I do not authenticate users). I am going to disable STAT and see if it still happens. 

     

    Is there any setting to disable ssh timing out for trouble-shooting purposes?

     

    - Sam 

  • 0 in reply to Samy Wee

    XG uses a SSH IDLE Timeout.

    To prevent this, use a SSH client, which can handle keep a live sessions. 

  • 0 in reply to LuCar Toni

    Toni, thank you for the tip;  putty is capable of setting a keep-alive on it, under Connection settings. now I will try to capture some drops. Thank you. 

Reply Children
No Data