Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 14 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 1591 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

intermittent firewall connection

Jeff Co

Hi,

We recently deployed a brand new Sophos XG115W with the latest firmware SFOS 18.0.3 MR-3 but for some reason everyday the customer has to reboot the firewall and connection will be restored. I checked the events and nothing shows up except the attached screen capture

Sophos support really slow in responding and not a good impact for a new sophos admin like me. This is the first time our team decides to use Sophos for Customers.

Thanks

Jeff



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to Jeff Co

    Hello Jeff,

    Thank you for contacting the Sophos Community!

    Please provide me the Case ID so I can follow-up!

    What is the exact issue the customer is experiencing? The device stops processing traffic?

    If so please try running this command and monitor if the issue resurfaces. (The command must be run from the Console of the XG, to which you will need to SSH and then press 5>4). 

    console> system firewall-acceleration disable 

    regards,

  • 0 in reply to Jeff Co

    So the case ID is: 03351988. This case ID basically is asking how to check for system events, because I needed these events for further troubleshooting. 

    Basically everyday the customer's firewall which we deployed loses it's heartbeat and will disconnect all of them from the internet. It has been straight 3 days where the first thing in the morning as soon as they arrive the office, they notice they don't have a connection and had to call us and the only way to resolve it is we had to ask them to reboot the device. Not sure if traffics stops processing because just like yesterday, the Central Admin report shows it stopped 1:15am.

    Can we do remote ssh on this device?

    Thanks

    Jeff

  • 0 in reply to Jeff Co

    Hello Jeff,

    Thank you for the follow-up!

    Yes, you can SSH remotely to the XG.

    I would recommend you to create a Local ACL exception, for the Public IP where you are going to be connecting from, so this way you don't have to enable SSH on the WAN publicly.

    Regards,

  • 0 in reply to emmosophos

    I just noticed a pattern on the logs prior it goes down, every time an AV definition upgrade then it stops there. I will test by turning of AV and see how it goes tom.