Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 2 answers
  • Subscribers 27 subscribers
  • Views 2993 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firewall Gateway down again and again but we can ping of firewall Gateway.

Manish Asodariya

Hello,

Our firewall gateway down again and again within 5 to 6 hours, 

We have checked firewall gateway IP ping it is reachable but showing red status on Network --> WAN link manager & Routing --> gateway

Also I tried login to firewall go to diagnostic -->Ping to gateway IP without interface selection I able to ping of gateway IP, but if I select Interface WAN and try to ping I can not ping to the gateway IP

Due to this our web server port forwarding working stop and web site inaccessible

We have to be restarted firewall every times whenever gateway showing red status,after restart the firewall gateway status showing green and Up and our web sites is accessible. 

Without restart firewall gateway does not up automatically 

We have Only one ISP, we configured fix public IP on firewall which provide by our ISP

I use Sophos XG Firewall Home Edition Installed on ESXI 7.0

Firmware Version is (18.0.5 MR-5 Build586)



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hey ,

    It could be that the ISP gateway is losing the ARP of Firewalls WAN IP, Jus the fact that a quick reboot makes it work.

    Next time if this happens, 

    • Take the SSH session.
    • Select option 4 > Console.
    • Run the command -->  system diagnostics utilities arp ping source <WAN_IP> interface <WAN_Interface> <gateway-IP>
      (e.g. : system diagnostics utilities arp ping source 192.10.10.10 interface Port4 192.10.10.1)

    This will force ARP the gateway. Alternatively, You can just open the interface and hit save (without making any changes).

  • 0 in reply to FormerMember

    We have the same issue, but on 18.5.1

    We tried an HA failover, still the same

    Ran the command suggested, 100% responses

    Edited and saved interface

    Gateway still shows down, but it is actually working for quite a lot of traffic (~50Mb/s at the moment), both inbound and outbound.  But not all traffic is using this gateway when it should (there are three gateways in total).

    Any ideas?

Reply
  • 0 in reply to FormerMember

    We have the same issue, but on 18.5.1

    We tried an HA failover, still the same

    Ran the command suggested, 100% responses

    Edited and saved interface

    Gateway still shows down, but it is actually working for quite a lot of traffic (~50Mb/s at the moment), both inbound and outbound.  But not all traffic is using this gateway when it should (there are three gateways in total).

    Any ideas?

Children
  • FormerMember
    0 FormerMember in reply to CMR

    Check and verify which failover conditions are set in the Gateway settings under WAN Link Managers. If the conditions are set to ping the Gateway IP, Try changing it to 8.8.8.8 or any of your preferable Public IP.