Can't connect to the Internet

• As it's right now, I can't pass traffic through my ISP but i can ping my Sohpos WAN IP's

Hi,

I would suggest you try editing both WAN interfaces, but make no changes and save them.

What type on external connections are you using?

Ian

Hello Adam,

Thank you for contacting the Sophos Community!

Do you have valid firewall rules for the traffic? Are the Local ACL allowing PING?  Does the Live log says anything when you try to Ping 8.8.8.8

If you SSH to the XG and source a Ping from one of the WAN interfaces, are you able to have a reply packet? 

Once you SSH please press 5>4 to end up in the console>

From here type 

console> ping interface Port2 8.8.8.8

console> ping interface Port5 8.8.8.8

Do you see a reply?

If you do see one, most likely you might be missing a Firewall. 

If you do 

console> drop-packet-capture 'x.x.x.x' (Substiture the x.x.x.x for a computer IP)

Do you see any packets being dropped? if so please copy and paste the output

Are you running v17 or v18?

Regards,

• Yea, actually we've alot of access policies ranging from cateconnectigory based policies, bandwidth allocation policies e.t.c though i can still have access to the Web GUI and ssh to the CLI. but when i ping from the LAN to i can access all my local devices Sohpos included.

So i was think since i can ping my Sohpos WAN IP connecting me ISP Gateway then is possible that my firewall is denying returning traffic.

But right now as it's i can't really say what exactly is going, if anything, I'm sure something is going on with my firewall

Hello Adam,

The XG is a Stateful firewall, so it won't deny return packet if there is matching rule.

I would recommend you to create a Firewall rule on Top of the rest of the Firewall rules without any restriction and see if it works, also try what I mentioned above.

Regards,

Thanks for sharing this Emmanuel..

Another thing is that at some point I couldn't access the |Web GUI so i had to enable that from the terminal though I'm not sure exactly why that happened. below is the command i used.

#system appliance-access enable

what do you think?

Regards,

Thanks for sharing this Emmanuel..

Another thing is that at some point I couldn't access the |Web GUI so i had to enable that from the terminal though I'm not sure exactly why that happened. below is the command i used.

#system appliance-access enable

what do you think?

Regards,

We have two different external/WAN connection, one is Radio while the second one is Fiber.

But this connection terminate at the ISP devices while we have LAN Cable's connecting us to the ISP devices.

Thank you.

Hello Adam,

Thank you for the follow-up!

Oh then it sounds like the Xg might be locking up or hanging! However when this happens usually you can't access via SSH either or console in.

Please try running the following commands:

console> system firewall-acceleration disable

console> system auto-reboot-on-stall enable

After running the commands above, please monitor if the issue happens again.

Also try seeing if there is any core dump in the device 

# ls -lah /var/cores

Just like you said but in this case I was able to access the terminal.  Also the issue repeated it self after enabling the above command shared earlier. See screenshot below image with command used. After this everything gonna turn to a nightmare's. I had to reboot for everything to normalize and have access to internet. What do you might be the root cause.