Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 20 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 2531 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos XG 135 - Internet stops working for 10-15 mins

MiroslavCacija

Hi all,

we have a strange problem with daily internet outages that lasts for about 10-15 mins. There is no internet in the office at all during the outage, and no one can connect from the outside. I can see clearly on the graph that internet stopped working. I've tried disabling STAS completely, but it happened again. No logs, no e-mail notifications, and no internet Slight smile

This is driving me and users CRAZY.

What is happening with this device ? We have HA config.

No answer from support, and no new firmware from December 2020., really ?

Any ideas what can I try to disable ?

I can disable all security features, but than why we are paying for it ?



This thread was automatically locked due to age.
Parents
  • 0

    New info -

    - Internet stops regularly every morning when users comes to work, around 9 h

    - I can even ping the WAN interface, and I can connect to the VPN successfully but I cannot reach any internal resource, and users cannot browse any internet resource during the outage

    - I can connect to User Portal

    - Outage last for about 10-15 mins

    - Outage persists between devices in HA ( tried switching devices )

    Any clue before devices replacement ? ?

  • 0 in reply to MiroslavCacija

    Hello Miroslav,

    In these cases, I would try to Console in or SSH into the XG, to see what output the XG is showing at the moment.

    If you’re able to console, I would check the syslog.log and the csc.log try to do a tcpdump and/or drop-packet-caputre see if the XG is throwing the packets or simply ignoring them.

    In any case, if the issue happens again with the new devices, get the logs I mentioned above, and the console output and mention this is the Second time the issue has happened, and send me the Case ID.

    Regards,

  • 0 in reply to emmosophos

    Soooo ... after pulling my hair some more  with this annoying problems ... it seems that SSL decryption engine in 18.0.4 is completely broken. As the last resort I've disabled SSL decryption in firewall rules and globally, and magically we have no internet outages for two days. I just wanted to save myself some travel time ( 80 km in one direction ) to replace units for RMA ones, because I felt that this could be a software problem. We have HA, and the same problem is present on both units.

    So Sophos, shame on you once more, I'm really, really disappointed ... again.

    - can you please check will this problem be solved in firmware update, and WHEN will FW update be available ?

  • 0 in reply to MiroslavCacija

    Hello Miroslav,

    MR5 is coming out next week, I am not 100% sure as to what issue you’re referring to, but MR5 will be fixing some issues related to TLS/SSL inspection.

    Did you see any error under the TLS engine? Such as Flow_Time OUT or Dropped due to TLS engine error 

    In any case let me know if the issue persists after you install MR5, so we can follow up accordingly.

    Regards,

Reply Children
No Data