
Gateway Down

Hello,
I have some kind of problem with one of the WAN gateways on the Sophos XG Firewall.
The Gateway status is always in red, indicating it is down:

Before going more into detail, I want to present the network diagram to make things easier:

Essentially, we have two LANs (10.12.0.x and 10.0.0.x) under the Sophos XG Firewall and another LAN (172.26.0.x) under another firewall (not Sophos).
These firewalls are connected to the VLAN 10.20.0.x (managed by a smart switch). Other devices, such as a NAS or a server, are also connected to this VLAN.

We have two different routers to go to the internet. (2 different internet providers)

Now, the problem is with the Sophos XG. Specifically, with the interface 10.20.0.68 that is configured on Port 5, whose gateway is Router B (10.20.0.6). The gateway status is down, but the connection through this port seems to be working OK. We can see it in the following example.
The computer with IP 10.0.0.77 is going to the internet through the firewall rule ID 12. And the gateway for this rule is always 10.20.0.68 (the one that is down). We can see this configured in the following SD-WAN policy route:

Config:

And from the computer 10.0.0.77 we can navigate to the internet without any problem. In fact, if we do a “tracert” we can see that we are going out to the router 10.20.0.6.

So it seems that the connection is working fine but it is the Sophos that detects it as being down.
I went to check the failover condition for this gateway, and I saw that the ping to the router (10.20.0.6) is probably the problem:

When testing the ping from the Sophos on Diagnostics > Tools > Ping, if we test the ping through Port5 we can see there is no response:

This seems to be what is causing the gateway to be down. I have been investigating but I don't know why this is happening. If the ping is done through Port2 it is working:

What could be the problem here? Where can I keep investigating? Any ideas?
Thanks in advance!
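The situation described in the post (forwarding works through Port5, but the gateway is flagged down because the health-check ping to Router B gets no reply) is a classic mismatch between what a failover condition probes and what the path actually needs. The block below is an added illustration, not code from the poster or from Sophos: it models a gateway health check as a set of probes bound to the WAN interface address and shows how an ICMP-only condition reports DOWN in a scenario where the next hop does not answer pings addressed to itself yet still forwards traffic, while a condition that also includes a TCP probe to an upstream host reports UP. The probe functions are real (Linux `ping -I` and a TCP connect bound to a source address), but the demonstration uses a simulated runner so it runs offline; the decision rule ("all probes must fail before the gateway is down") and the upstream host address 198.51.100.10 are assumptions made for the example, and the addresses 10.20.0.68 and 10.20.0.6 are the ones given in the post.

```python
"""Gateway health-check evaluator (added example; not Sophos XG code).

Assumptions, not taken from the original post:
  - the failover condition is modelled as a list of probes; by default all of
    them must fail before the gateway is declared DOWN
  - every probe is sent from the WAN interface address (source binding), which
    is the source the firewall's own gateway monitor would use
  - 198.51.100.10 (TEST-NET-2) stands in for some upstream host reachable only
    via the gateway under test
"""
import socket
import subprocess
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

PORT5_IP = "10.20.0.68"   # Sophos XG interface on Port5 (from the post)
ROUTER_B = "10.20.0.6"    # gateway for that interface (from the post)
UPSTREAM = "198.51.100.10"  # placeholder upstream host, assumption for the example


@dataclass(frozen=True)
class Probe:
    name: str
    kind: str      # "ping" (ICMP echo to target) or "tcp" (TCP connect to target:port)
    target: str
    port: int = 0


def icmp_probe(target: str, source_ip: str, timeout: int = 2) -> bool:
    """Real ICMP check using iputils ping bound to source_ip (Linux syntax); needs network access."""
    cmd = ["ping", "-c", "1", "-W", str(timeout), "-I", source_ip, target]
    return subprocess.run(cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL).returncode == 0


def tcp_probe(target: str, port: int, source_ip: str, timeout: float = 2.0) -> bool:
    """Real TCP reachability check: a connect() bound to source_ip, so it follows the same path."""
    try:
        with socket.create_connection((target, port), timeout=timeout, source_address=(source_ip, 0)):
            return True
    except OSError:
        return False


def run_probe(probe: Probe, source_ip: str) -> bool:
    """Dispatch one probe to the real network (used when no simulated runner is supplied)."""
    if probe.kind == "ping":
        return icmp_probe(probe.target, source_ip)
    if probe.kind == "tcp":
        return tcp_probe(probe.target, probe.port, source_ip)
    raise ValueError(f"unknown probe kind: {probe.kind}")


def evaluate_gateway(probes: List[Probe], results: Dict[str, bool], require_all_fail: bool = True) -> str:
    """Return 'UP' or 'DOWN' from per-probe results (probe name -> success).

    require_all_fail=True : DOWN only when every probe failed (the assumed default).
    require_all_fail=False: DOWN as soon as any single probe failed (stricter).
    """
    outcomes = [results[p.name] for p in probes]
    if not outcomes:
        return "UP"  # no evidence of failure
    if require_all_fail:
        return "DOWN" if not any(outcomes) else "UP"
    return "DOWN" if not all(outcomes) else "UP"


def check_gateway(probes: List[Probe], source_ip: str,
                  runner: Callable[[Probe, str], bool] = run_probe,
                  require_all_fail: bool = True) -> Tuple[str, Dict[str, bool]]:
    """Run every probe from source_ip and reduce the results to a gateway state."""
    results = {p.name: runner(p, source_ip) for p in probes}
    return evaluate_gateway(probes, results, require_all_fail), results


# Two candidate failover conditions for the Port5 gateway.
ICMP_ONLY = [Probe("router-ping", "ping", ROUTER_B)]
MIXED = ICMP_ONLY + [Probe("upstream-tcp", "tcp", UPSTREAM, 443)]


def simulated_runner(probe: Probe, source_ip: str) -> bool:
    """Constructed scenario: the next hop answers no echo requests sent to itself,
    but forwards traffic, so anything that transits it succeeds and direct pings fail."""
    return probe.kind == "tcp"


if __name__ == "__main__":
    for label, probes in (("ICMP-only condition", ICMP_ONLY), ("ICMP + TCP condition", MIXED)):
        state, detail = check_gateway(probes, PORT5_IP, runner=simulated_runner)
        print(f"{label:22s} -> {state}  {detail}")
```

Running the block prints the ICMP-only condition as DOWN and the mixed condition as UP for the same simulated path, which is exactly the symptom in the post: the data plane works, the monitor does not. To diagnose the real device, replace `simulated_runner` with the default `run_probe` on a Linux host that has an address in the 10.20.0.x VLAN; if the bound TCP probe succeeds while the bound ICMP probe fails, the gateway itself is not answering echo requests from that source, and the failover condition (or the router's ICMP handling) is what needs attention rather than the route.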



This thread was automatically locked due to age.