Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 2 answers
  • Subscribers 27 subscribers
  • Views 2994 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall Gateway down again and again but we can ping of firewall Gateway.

Manish Asodariya

Hello,

Our firewall gateway down again and again within 5 to 6 hours, 

We have checked firewall gateway IP ping it is reachable but showing red status on Network --> WAN link manager & Routing --> gateway

Also I tried login to firewall go to diagnostic -->Ping to gateway IP without interface selection I able to ping of gateway IP, but if I select Interface WAN and try to ping I can not ping to the gateway IP

Due to this our web server port forwarding working stop and web site inaccessible

We have to be restarted firewall every times whenever gateway showing red status,after restart the firewall gateway status showing green and Up and our web sites is accessible. 

Without restart firewall gateway does not up automatically 

We have Only one ISP, we configured fix public IP on firewall which provide by our ISP

I use Sophos XG Firewall Home Edition Installed on ESXI 7.0

Firmware Version is (18.0.5 MR-5 Build586)



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hey ,

    It could be that the ISP gateway is losing the ARP of Firewalls WAN IP, Jus the fact that a quick reboot makes it work.

    Next time if this happens, 

    • Take the SSH session.
    • Select option 4 > Console.
    • Run the command -->  system diagnostics utilities arp ping source <WAN_IP> interface <WAN_Interface> <gateway-IP>
      (e.g. : system diagnostics utilities arp ping source 192.10.10.10 interface Port4 192.10.10.1)

    This will force ARP the gateway. Alternatively, You can just open the interface and hit save (without making any changes).

  • 0 in reply to FormerMember

    Hi devesh,

    No any way for gateway up automatically this issue happen 2-3 times in a day.

  • 0 in reply to Manish Asodariya

    Hello Manish,

    Try connecting a dumb L2 switch between the XG WAN and the Modem of your ISP provider. It might help with the issue.

    Regards,

  • 0 in reply to emmosophos

    Hello Emmanuel,

    Our server place on datacenter co location which situated US region 

    Also we confirmed with our datacenter service provider they have confirmed that direct connectivity from L3 juniper switch to our servers.

  • FormerMember
    0 FormerMember in reply to Manish Asodariya

    Hey Manish, 

    If it's not feasible to add a switch in between XG and your ISP router as Emmanuel suggested, You can try running the command I gave you and see if that resolves the problem. 

    If it does, then you can add a static ARP entry for the XG"s WAN IP with the WAN interface's MAC on the ISP router in the Data Center

Reply
  • FormerMember
    0 FormerMember in reply to Manish Asodariya

    Hey Manish, 

    If it's not feasible to add a switch in between XG and your ISP router as Emmanuel suggested, You can try running the command I gave you and see if that resolves the problem. 

    If it does, then you can add a static ARP entry for the XG"s WAN IP with the WAN interface's MAC on the ISP router in the Data Center

Children
No Data